{"reporter": "NVD", "enchantments": {"score": {"vector": "NONE", "value": 7.2}, "vulnersScore": 7.2}, "published": "2015-01-06T10:59:04", "cvelist": ["CVE-2014-8131"], "title": "CVE-2014-8131", "objectVersion": "1.2", "type": "cve", "hash": "b02cce96d85fb55957e123a4aa6ba2e5283d464287df6317dab7f1a0c0ac3e64", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8131", "bulletinFamily": "NVD", "id": "CVE-2014-8131", "history": [], "scanner": [], "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "modified": "2015-01-06T13:57:12", "viewCount": 0, "cpe": ["cpe:/a:redhat:libvirt:1.2.10"], "edition": 1, "description": "The qemu implementation of virConnectGetAllDomainStats in libvirt before 1.2.11 does not properly handle locks when a domain is skipped due to ACL restrictions, which allows a remote authenticated users to cause a denial of service (deadlock or segmentation fault and crash) via a request to access the users does not have privileges to access.", "references": ["http://lists.opensuse.org/opensuse-updates/2015-01/msg00005.html", "http://security.libvirt.org/2014/0008.html"], "lastseen": "2016-09-03T21:26:26", "assessment": {"system": "", "name": "", "href": ""}}

{"gentoo": [{"lastseen": "2016-09-06T19:46:01", "references": ["http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8136", "https://bugs.gentoo.org/show_bug.cgi?id=533286", "https://bugs.gentoo.org/show_bug.cgi?id=532204", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8135", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8131"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.2.10-r3", "packageName": "app-emulation/libvirt", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}], "description": "### Background\n\nlibvirt is a C toolkit for manipulating virtual machines.\n\n### Description\n\nMultiple vulnerabilities have been discovered in libvirt. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA context-dependent attacker may be able to cause Denial of Service.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll libvirt users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-emulation/libvirt-1.2.10-r3\"", "edition": 1, "reporter": "Gentoo Foundation", "published": "2014-12-24T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "gentoo", "title": "libvirt: Denial of Service", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8136", "CVE-2014-8131", "CVE-2014-8135"], "modified": "2014-12-24T00:00:00", "id": "GLSA-201412-36", "href": "https://security.gentoo.org/glsa/201412-36", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2018-09-02T00:07:48", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1184431", "https://bugzilla.redhat.com/show_bug.cgi?id=1172569", "https://bugzilla.redhat.com/show_bug.cgi?id=1176176", "http://www.nessus.org/u?e5b9a447"], "pluginID": "81365", "description": "- Rebased to version 1.2.9.2\n\n - CVE-2014-8131: deadlock and segfault in qemuConnectGetAllDomainStats (bz #1172571)\n\n - CVE-2015-0236: missing ACL check for the VIR_DOMAIN_XML_SECURE flag in save images and snapshots objects (bz #1185769)\n\n - CVE-2014-8136: local denial of service in qemu/qemu_driver.c (bz #1176179)\n\n - Fix crash parsing nbd URIs (bz #1188644)\n\n - Fix domain startup failing with 'strict' mode in numatune (bz #1168672)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "reporter": "Tenable", "published": "2015-02-16T00:00:00", "title": "Fedora 21 : libvirt-1.2.9.2-1.fc21 (2015-1892)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8136", "CVE-2014-8131", "CVE-2015-0236"], "modified": "2015-10-19T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:21", "p-cpe:/a:fedoraproject:fedora:libvirt"], "id": "FEDORA_2015-1892.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=81365", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-1892.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(81365);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2015/10/19 23:06:17 $\");\n\n script_cve_id(\"CVE-2014-8131\", \"CVE-2014-8136\", \"CVE-2015-0236\");\n script_xref(name:\"FEDORA\", value:\"2015-1892\");\n\n script_name(english:\"Fedora 21 : libvirt-1.2.9.2-1.fc21 (2015-1892)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Rebased to version 1.2.9.2\n\n - CVE-2014-8131: deadlock and segfault in\n qemuConnectGetAllDomainStats (bz #1172571)\n\n - CVE-2015-0236: missing ACL check for the\n VIR_DOMAIN_XML_SECURE flag in save images and\n snapshots objects (bz #1185769)\n\n - CVE-2014-8136: local denial of service in\n qemu/qemu_driver.c (bz #1176179)\n\n - Fix crash parsing nbd URIs (bz #1188644)\n\n - Fix domain startup failing with 'strict' mode in\n numatune (bz #1168672)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1172569\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1176176\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1184431\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-February/149649.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e5b9a447\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libvirt package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"libvirt-1.2.9.2-1.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:59:12", "references": ["https://security.gentoo.org/glsa/201412-36"], "pluginID": "80241", "description": "The remote host is affected by the vulnerability described in GLSA-201412-36 (libvirt: Denial of Service)\n\n Multiple vulnerabilities have been discovered in libvirt. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A context-dependent attacker may be able to cause Denial of Service.\n Workaround :\n\n There is no known workaround at this time.", "edition": 4, "reporter": "Tenable", "published": "2014-12-26T00:00:00", "title": "GLSA-201412-36 : libvirt: Denial of Service", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8136", "CVE-2014-8131", "CVE-2014-8135"], "modified": "2015-04-13T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:libvirt"], "id": "GENTOO_GLSA-201412-36.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80241", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201412-36.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80241);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2015/04/13 14:33:56 $\");\n\n script_cve_id(\"CVE-2014-8131\", \"CVE-2014-8135\", \"CVE-2014-8136\");\n script_xref(name:\"GLSA\", value:\"201412-36\");\n\n script_name(english:\"GLSA-201412-36 : libvirt: Denial of Service\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201412-36\n(libvirt: Denial of Service)\n\n Multiple vulnerabilities have been discovered in libvirt. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A context-dependent attacker may be able to cause Denial of Service.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201412-36\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All libvirt users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-emulation/libvirt-1.2.10-r3'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-emulation/libvirt\", unaffected:make_list(\"ge 1.2.10-r3\"), vulnerable:make_list(\"lt 1.2.10-r3\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:05:28", "references": ["http://lists.opensuse.org/opensuse-updates/2015-01/msg00005.html", "https://bugzilla.opensuse.org/show_bug.cgi?id=910860", "https://bugzilla.opensuse.org/show_bug.cgi?id=910862", "https://bugzilla.opensuse.org/show_bug.cgi?id=904432", "https://bugzilla.opensuse.org/show_bug.cgi?id=909274"], "pluginID": "80355", "description": "- CVE-2014-8135: libvirt: local denial of service in storage driver 87b9437f-CVE-2014-8135.patch bsc#910860\n\n - CVE-2014-8136: libvirt: local denial of service in qemu driver 2bdcd29c-CVE-2014-8136.patch bsc#910862\n\n - CVE-2014-8131: Fix possible deadlock and segfault in qemuConnectGetAllDomainStats() 57023c0a-CVE-2014-8131.patch, cb104ef7-CVE-2014-8131.patch bsc#909274\n\n - Get /proc/sys/net/ipv[46] read-write for wicked to work in containers. bsc#904432. ba9b7252-sys-net-rw.patch\n\n - Fix potential crasher in virt-aa-helper 2222123-virt-aa-helper-crash.patch\n\n - ip link add now needs the 'name' parameter.\n 433b427-iplink-name.patch\n\n - Fixes for virt-sandbox-service to work :\n\n - Allow adding virt-sandbox service config to apparmor rules. c264eea-virt-aa-helper-sandbox.patch\n\n - fix symlink resolving for containers to start.\n 72fecf1-lxc-resolve-symlinks.patch\n\n - fix unmounting file system if it contains the source to mount. e50457d-lxc-unmount-check.patch\n\n - Remove security_driver = 'none' in qemu config. This completely disabled all security drivers instead of probing them.\n\n - Changed default value of QEMU's security_default_confined to 0 to keep QEMU domains unconfined by default.", "edition": 4, "reporter": "Tenable", "published": "2015-01-05T00:00:00", "title": "openSUSE Security Update : libvirt (openSUSE-SU-2015:0008-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8136", "CVE-2014-8131", "CVE-2014-8135"], "modified": "2015-01-07T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libvirt-daemon-driver-network-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-uml", "p-cpe:/a:novell:opensuse:libvirt-login-shell-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-devel-32bit", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-vbox", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-uml-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-client-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libvirt-daemon-config-network", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage", "p-cpe:/a:novell:opensuse:libvirt-daemon-config-nwfilter", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nwfilter-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-libxl", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-xen-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-lock-sanlock", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-xen", "p-cpe:/a:novell:opensuse:libvirt-client-32bit", "p-cpe:/a:novell:opensuse:libvirt-daemon-qemu", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nwfilter", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-qemu", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-secret-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-qemu-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-lock-sanlock-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-devel", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-login-shell", "p-cpe:/a:novell:opensuse:libvirt-daemon-uml", "p-cpe:/a:novell:opensuse:libvirt", "p-cpe:/a:novell:opensuse:libvirt-daemon-lxc", "cpe:/o:novell:opensuse:13.2", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-interface", "p-cpe:/a:novell:opensuse:libvirt-daemon-xen", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-libxl-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-vbox", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-client", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-interface-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-client-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-secret", "p-cpe:/a:novell:opensuse:libvirt-debugsource", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-vbox-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-network", "p-cpe:/a:novell:opensuse:libvirt-daemon"], "id": "OPENSUSE-2015-3.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80355", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-3.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80355);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2015/01/07 13:47:57 $\");\n\n script_cve_id(\"CVE-2014-8131\", \"CVE-2014-8135\", \"CVE-2014-8136\");\n\n script_name(english:\"openSUSE Security Update : libvirt (openSUSE-SU-2015:0008-1)\");\n script_summary(english:\"Check for the openSUSE-2015-3 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - CVE-2014-8135: libvirt: local denial of service in\n storage driver 87b9437f-CVE-2014-8135.patch bsc#910860\n\n - CVE-2014-8136: libvirt: local denial of service in qemu\n driver 2bdcd29c-CVE-2014-8136.patch bsc#910862\n\n - CVE-2014-8131: Fix possible deadlock and segfault in\n qemuConnectGetAllDomainStats()\n 57023c0a-CVE-2014-8131.patch,\n cb104ef7-CVE-2014-8131.patch bsc#909274\n\n - Get /proc/sys/net/ipv[46] read-write for wicked to work\n in containers. bsc#904432. ba9b7252-sys-net-rw.patch\n\n - Fix potential crasher in virt-aa-helper\n 2222123-virt-aa-helper-crash.patch\n\n - ip link add now needs the 'name' parameter.\n 433b427-iplink-name.patch\n\n - Fixes for virt-sandbox-service to work :\n\n - Allow adding virt-sandbox service config to apparmor\n rules. c264eea-virt-aa-helper-sandbox.patch\n\n - fix symlink resolving for containers to start.\n 72fecf1-lxc-resolve-symlinks.patch\n\n - fix unmounting file system if it contains the source to\n mount. e50457d-lxc-unmount-check.patch\n\n - Remove security_driver = 'none' in qemu config. This\n completely disabled all security drivers instead of\n probing them.\n\n - Changed default value of QEMU's\n security_default_confined to 0 to keep QEMU domains\n unconfined by default.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.opensuse.org/opensuse-updates/2015-01/msg00005.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=904432\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=909274\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=910860\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=910862\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libvirt packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-client-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-interface-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-libxl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-libxl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-network-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nwfilter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-qemu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-secret-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-uml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-uml-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-vbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-vbox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-uml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-vbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-lock-sanlock-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-login-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-login-shell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-client-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-client-debuginfo-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-config-network-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-config-nwfilter-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-debuginfo-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-driver-interface-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-driver-interface-debuginfo-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-driver-lxc-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-driver-lxc-debuginfo-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-driver-network-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-driver-network-debuginfo-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-driver-nodedev-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-driver-nodedev-debuginfo-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-driver-nwfilter-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-driver-nwfilter-debuginfo-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-driver-qemu-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-driver-qemu-debuginfo-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-driver-secret-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-driver-secret-debuginfo-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-driver-storage-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-driver-storage-debuginfo-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-driver-uml-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-driver-uml-debuginfo-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-driver-vbox-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-driver-vbox-debuginfo-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-lxc-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-qemu-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-uml-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-daemon-vbox-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-debugsource-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-devel-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-lock-sanlock-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-lock-sanlock-debuginfo-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-login-shell-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libvirt-login-shell-debuginfo-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libvirt-client-32bit-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libvirt-client-debuginfo-32bit-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-debuginfo-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-xen-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-xen-debuginfo-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libvirt-daemon-xen-1.2.9-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libvirt-devel-32bit-1.2.9-8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt / libvirt-client / libvirt-client-32bit / etc\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2018-09-01T23:50:17", "references": ["https://security.gentoo.org/glsa/201412-36"], "pluginID": "1361412562310121322", "description": "Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201412-36", "edition": 5, "reporter": "Eero Volotinen", "published": "2015-09-29T00:00:00", "title": "Gentoo Linux Local Check: https://security.gentoo.org/glsa/201412-36", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8136", "CVE-2014-8131", "CVE-2014-8135"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310121322", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121322", "sourceData": "# OpenVAS Vulnerability Test\n# Description: Gentoo Linux security check\n# $Id: glsa-201412-36.nasl 9374 2018-04-06 08:58:12Z cfischer $\n\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.121322\");\nscript_version(\"$Revision: 9374 $\");\nscript_tag(name:\"creation_date\", value:\"2015-09-29 11:28:20 +0300 (Tue, 29 Sep 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:58:12 +0200 (Fri, 06 Apr 2018) $\");\nscript_name(\"Gentoo Linux Local Check: https://security.gentoo.org/glsa/201412-36\");\nscript_tag(name: \"insight\", value: \"Multiple vulnerabilities have been discovered in libvirt. Please review the CVE identifiers referenced below for details.\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://security.gentoo.org/glsa/201412-36\");\nscript_cve_id(\"CVE-2014-8131\",\"CVE-2014-8135\",\"CVE-2014-8136\");\nscript_tag(name:\"cvss_base\", value:\"4.0\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\nscript_category(ACT_GATHER_INFO);\nscript_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201412-36\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Gentoo Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"app-emulation/libvirt\", unaffected: make_list(\"ge 1.2.10-r3\"), vulnerable: make_list(\"lt 1.2.10-r3\"))) != NULL) {\n\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:50:38", "references": ["2015-1892", "https://lists.fedoraproject.org/pipermail/package-announce/2015-February/149649.html"], "pluginID": "1361412562310869008", "description": "Check the version of libvirt", "edition": 5, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-02-15T00:00:00", "title": "Fedora Update for libvirt FEDORA-2015-1892", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8136", "CVE-2014-8131", "CVE-2015-0236"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310869008", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869008", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libvirt FEDORA-2015-1892\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869008\");\n script_version(\"$Revision: 6630 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:34:32 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-02-15 05:48:25 +0100 (Sun, 15 Feb 2015)\");\n script_cve_id(\"CVE-2014-8131\", \"CVE-2015-0236\", \"CVE-2014-8136\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libvirt FEDORA-2015-1892\");\n script_tag(name: \"summary\", value: \"Check the version of libvirt\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Libvirt is a C toolkit to interact with the\nvirtualization capabilities of recent versions of Linux (and other OSes). The\nmain package includes the libvirtd server exporting the virtualization support.\n\");\n script_tag(name: \"affected\", value: \"libvirt on Fedora 21\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2015-1892\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-February/149649.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~1.2.9.2~1.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:50:21", "references": ["http://linux.oracle.com/errata/ELSA-2015-0323.html"], "pluginID": "1361412562310123165", "description": "Oracle Linux Local Security Checks ELSA-2015-0323", "edition": 5, "reporter": "Eero Volotinen", "published": "2015-10-06T00:00:00", "title": "Oracle Linux Local Check: ELSA-2015-0323", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8136", "CVE-2014-7823", "CVE-2014-3657", "CVE-2014-3633", "CVE-2014-8131", "CVE-2015-0236"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:1361412562310123165", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123165", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Oracle Linux Local Check \n# $Id: ELSA-2015-0323.nasl 6560 2017-07-06 11:58:38Z cfischer $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@solinor.com> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.123165\");\nscript_version(\"$Revision: 6560 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-06 14:00:11 +0300 (Tue, 06 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 13:58:38 +0200 (Thu, 06 Jul 2017) $\");\nscript_name(\"Oracle Linux Local Check: ELSA-2015-0323\");\nscript_tag(name: \"insight\", value: \"ELSA-2015-0323 - libvirt security, bug fix, and enhancement update - [1.2.8-16.0.1]- Replace docs/et.png in tarball with blank image[1.2.8-16]- qemu: don't setup cpuset.mems if memory mode in numatune is not 'strict' (rhbz#1186094)- lxc: don't setup cpuset.mems if memory mode in numatune is not 'strict' (rhbz#1186094)[1.2.8-15]- qemu: Add missing goto error in qemuRestoreCgroupState (rhbz#1161540)[1.2.8-14]- virNetworkDefUpdateIPDHCPHost: Don't crash when updating network (rhbz#1182486)- Format CPU features even for host-model (rhbz#1182448)- util: Add function virCgroupHasEmptyTasks (rhbz#1161540)- util: Add virNumaGetHostNodeset (rhbz#1161540)- qemu: Remove unnecessary qemuSetupCgroupPostInit function (rhbz#1161540)- qemu: Save numad advice into qemuDomainObjPrivate (rhbz#1161540)- qemu: Leave cpuset.mems in parent cgroup alone (rhbz#1161540)- qemu: Fix hotplugging cpus with strict memory pinning (rhbz#1161540)- util: Fix possible NULL dereference (rhbz#1161540)- qemu_driver: fix setting vcpus for offline domain (rhbz#1161540)- qemu: migration: Unlock vm on failed ACL check in protocol v2 APIs (CVE-2014-8136)- CVE-2015-0236: qemu: Check ACLs when dumping security info from save image (CVE-2015-0236)- CVE-2015-0236: qemu: Check ACLs when dumping security info from snapshots (CVE-2015-0236)- Check for domain liveness in qemuDomainObjExitMonitor (rhbz#1161024)- Mark the domain as active in qemuhotplugtest (rhbz#1161024)- Fix vmdef usage while in monitor in qemuDomainHotplugVcpus (rhbz#1161024)- Fix vmdef usage while in monitor in BlockStat* APIs (rhbz#1161024)- Fix vmdef usage while in monitor in qemu process (rhbz#1161024)- Fix vmdef usage after domain crash in monitor on device detach (rhbz#1161024)- Fix vmdef usage after domain crash in monitor on device attach (rhbz#1161024)[1.2.8-13]- conf: Fix memory leak when parsing invalid network XML (rhbz#1180136)- qxl: change the default value for vgamem_mb to 16 MiB (rhbz#1181052)- qemuxml2argvtest: Fix test after change of qxl vgamem_mb default (rhbz#1181052)- conf: fix crash when hotplug a channel chr device with no target (rhbz#1181408)- qemu: forbid second blockcommit during active commit (rhbz#1135339)- qemu_monitor: introduce new function to get QOM path (rhbz#1180574)- qemu_process: detect updated video ram size values from QEMU (rhbz#1180574)[1.2.8-12]- Fix hotplugging of block device-backed usb disks (rhbz#1175668)- qemu: Create memory-backend-{ram, file} iff needed (rhbz#1175397)- conf: Don't format actual network definition in migratable XML (rhbz#1177194)[1.2.8-11]- virsh: vol-upload disallow negative offset (rhbz#1087104)- storage: fix crash caused by no check return before set close (rhbz#1087104)- qemu: Fix virsh freeze when blockcopy storage file is removed (rhbz#1139567)- security: Manage SELinux labels on shared/readonly hostdev's (rhbz#1082521)- nwfilter: fix crash when adding non-existing nwfilter (rhbz#1169409)- conf: Fix libvirtd crash matching hostdev XML (rhbz#1174053)- qemu: Resolve Coverity REVERSE_INULL (rhbz#1172570)- CVE-2014-8131: Fix possible deadlock and segfault in qemuConnectGetAllDomainStats() (CVE-2014-8131)- qemu: bulk stats: Fix logic in monitor handling (rhbz#1172570)- qemu: avoid rare race when undefining domain (rhbz#1150505)- Do not format CPU features without a model (rhbz#1151885)- Ignore CPU features without a model for host-passthrough (rhbz#1151885)- Silently ignore MAC in NetworkLoadConfig (rhbz#1156367)- Generate a MAC when loading a config instead of package update (rhbz#1156367)- qemu: move setting emulatorpin ahead of monitor showing up (rhbz#1170484)- util: Introduce flags field for macvtap creation (rhbz#1081461)- network: Bring netdevs online later (rhbz#1081461)- qemu: always call qemuInterfaceStartDevices() when starting CPUs (rhbz#1081461)- qemu: add a qemuInterfaceStopDevices(), called when guest CPUs stop (rhbz#1081461)- conf: replace call to virNetworkFree() with virObjectUnref() (rhbz#1099210)- util: new functions for setting bridge and bridge port attributes (rhbz#1099210)- util: functions to manage bridge fdb (forwarding database) (rhbz#1099210)- conf: new network bridge device attribute macTableManager (rhbz#1099210)- network: save bridge name in ActualNetDef when actualType==network too (rhbz#1099210)- network: store network macTableManager setting in NetDef actual object (rhbz#1099210)- network: setup bridge devices for macTableManager='libvirt' (rhbz#1099210)- qemu: setup tap devices for macTableManager='libvirt' (rhbz#1099210)- qemu: add/remove bridge fdb entries as guest CPUs are started/stopped (rhbz#1099210)- virsh: document block.n.allocation stat (rhbz#1041569)- getstats: avoid memory leak on OOM (rhbz#1041569)- getstats: improve documentation (rhbz#1041569)- getstats: start giving offline block stats (rhbz#1041569)- getstats: add block.n.path stat (rhbz#1041569)- qemuMonitorJSONBlockStatsUpdateCapacity: Don't skip disks (rhbz#1041569)- getstats: prepare monitor collection for recursion (rhbz#1041569)- getstats: perform recursion in monitor collection (rhbz#1041569)- getstats: prepare for dynamic block.count stat (rhbz#1041569)- getstats: add new flag for block backing chain (rhbz#1041569)- getstats: split block stats reporting for easier recursion (rhbz#1041569)- getstats: crawl backing chain for qemu (rhbz#1041569)- logical: Add '--type snapshot' to lvcreate command (rhbz#1166592)[1.2.8-10]- qemu: add the missing jobinfo type in qemuDomainGetJobInfo (rhbz#1167883)- network: Fix upgrade from libvirt older than 1.2.4 (rhbz#1167145)- qemu: fix domain startup failing with 'strict' mode in numatune (rhbz#1168866)- qemu: Don't track quiesced state of FSs (rhbz#1160084)- qemu: fix block{commit,copy} abort handling (rhbz#1135169)[1.2.8-9]- doc: fix mismatched ACL attribute name (rhbz#1161358)- qemu: monitor: Rename and improve qemuMonitorGetPtyPaths (rhbz#1146944)- conf: Add channel state for virtio channels to the XML (rhbz#1146944)- qemu: Add handling for VSERPORT_CHANGE event (rhbz#1146944)- qemu: chardev: Extract more information about character devices (rhbz#1146944)- qemu: process: Refresh virtio channel guest state when connecting to mon (rhbz#1146944)- event: Add guest agent lifecycle event (rhbz#1146944)- examples: Add support for the guest agent lifecycle event (rhbz#1146944)- qemu: Emit the guest agent lifecycle event (rhbz#1146944)- internal: add macro to round value to the next closest power of 2 (rhbz#1076098)- video: cleanup usage of vram attribute and update documentation (rhbz#1076098)- QXL: fix setting ram and vram values for QEMU QXL device (rhbz#1076098)- caps: introduce new QEMU capability for vgamem_mb device property (rhbz#1076098)- qemu-command: use vram attribute for all video devices (rhbz#1076098)- qemu-command: introduce new vgamem attribute for QXL video device (rhbz#1076098)[1.2.8-8]- qemu: Fix crash in tunnelled migration (rhbz#1147331)- qemu: Really fix crash in tunnelled migration (rhbz#1147331)- qemu: Update fsfreeze status on domain state transitions (rhbz#1160084)- qemuPrepareNVRAM: Save domain conf only if domain's persistent (rhbz#1026772)- docs: Document NVRAM behavior on transient domains (rhbz#1026772)- Fix build in qemu_capabilities (rhbz#1165782)- qemu: Support OVMF on armv7l aarch64 guests (rhbz#1165782)- qemu: Drop OVMF whitelist (rhbz#1165782)- storage: Fix issue finding LU's when block doesn't exist (rhbz#1152382)- storage: Add thread to refresh for createVport (rhbz#1152382)- storage: qemu: Fix security labelling of new image chain elements (rhbz#1151718)- virsh: sync domdisplay help and manual (rhbz#997802)- docs: domain: Move docs for storage hosts under the element (rhbz#1164528)- test: virstoragetest: Add testing of network disk details (rhbz#1164528)- util: storage: Copy hosts of a storage file only if they exist (rhbz#1164528)- qemu: Refactor qemuBuildNetworkDriveURI to take a virStorageSourcePtr (rhbz#1164528)- tests: Reflow the expected output from RBD disk test (rhbz#1164528)- util: split out qemuParseRBDString into a common helper (rhbz#1164528)- util: storagefile: Split out parsing of NBD string into a separate func (rhbz#1164528)- storage: Allow parsing of RBD backing strings when building backing chain (rhbz#1164528)- storage: rbd: qemu: Add support for specifying internal RBD snapshots (rhbz#1164528)- storage: rbd: Implement support for passing config file option (rhbz#1164528)[1.2.8-7]- qemu: avoid rare race when undefining domain (rhbz#1150505)- qemu: stop NBD server after successful migration (rhbz#1160212)- Require at least one console for LXC domain (rhbz#1155410)- remote: Fix memory leak in remoteConnectGetAllDomainStats (rhbz#1158715)- CVE-2014-7823: dumpxml: security hole with migratable flag (CVE-2014-7823)- Free job statistics from the migration cookie (rhbz#1161124)- Fix virDomainChrEquals for spicevmc (rhbz#1162097)- network: fix call virNetworkEventLifecycleNew when networkStartNetwork fail (rhbz#1162915)- Do not crash on gluster snapshots with no host name (rhbz#1162974)- nwfilter: fix deadlock caused updating network device and nwfilter (rhbz#1143780)- util: eliminate 'use after free' in callers of virNetDevLinkDump (rhbz#1163463)- storage: Check for valid fc_host parent at startup (rhbz#1160565)- storage: Ensure fc_host parent matches wwnn/wwpn (rhbz#1160565)- storage: Don't use a stack copy of the adapter (rhbz#1160926)- storage: Introduce virStoragePoolSaveConfig (rhbz#1160926)- storage: Introduce 'managed' for the fchost parent (rhbz#1160926)- qemu: Always set migration capabilities (rhbz#1163953)[1.2.8-6]- qemu: support nospace reason in io error event (rhbz#1119784)- RHEL: Add support for QMP I/O error reason (rhbz#1119784)- nodeinfo: fix nodeGetFreePages when max node is zero (rhbz#1145048)- nodeGetFreePages: Push forgotten change (rhbz#1145048)- conf: tests: fix virDomainNetDefFormat for vhost-user in client mode (rhbz#1155458)- util: string: Add helper to check whether string is empty (rhbz#1142693)- qemu: restore: Fix restoring of VM when the restore hook returns empty XML (rhbz#1142693)- security_selinux: Don't relabel /dev/net/tun (rhbz#1095636)- qemu: Fix updating bandwidth limits in live XML (rhbz#1146511)- qemu: save domain status after set the blkio parameters (rhbz#1146511)- qemu: call qemuDomainObjBeginJob/qemuDomainObjEndJob in qemuDomainSetInterfaceParameters (rhbz#1146511)- qemu: save domain status after set domain's numa parameters (rhbz#1146511)- qemu: forbid snapshot-delete --children-only on external snapshot (rhbz#956506)- qemu: better error message when block job can't succeed (rhbz#1140981)- Reject live update of offloading options (rhbz#1155441)- virutil: Introduce virGetSCSIHostNumber (rhbz#1146837)- virutil: Introduce virGetSCSIHostNameByParentaddr (rhbz#1146837)- storage_conf: Resolve libvirtd crash matching scsi_host (rhbz#1146837)- Match scsi_host pools by parent address first (rhbz#1146837)- Relax duplicate SCSI host pool checking (rhbz#1146837)- qemu: Remove possible NULL deref in debug output (rhbz#1141621)- virsh: Adjust the text in man page regarding qemu-attach (rhbz#1141621)- hotplug: Check for alias in controller detach (rhbz#1141621)- hotplug: Check for alias in disk detach (rhbz#1141621)- hotplug: Check for alias in hostdev detach (rhbz#1141621)- hotplug: Check for alias in chrdev detach (rhbz#1141621)- hotplug: Check for alias in net detach (rhbz#1141621)- qemu-attach: Assign device aliases (rhbz#1141621)- hotplug: fix char device detach (rhbz#1141621)- storage: Fix crash when parsing backing store URI with schema (rhbz#1156288)- remote: fix jump depends on uninitialised value (rhbz#1158715)- qemu: Release nbd port from migrationPorts instead of remotePorts (rhbz#1159245)- conf: add trustGuestRxFilters attribute to network and domain interface (rhbz#848199)- network: set interface actual trustGuestRxFilters from network/portgroup (rhbz#848199)- util: define virNetDevRxFilter and basic utility functions (rhbz#848199)- qemu: qemuMonitorQueryRxFilter - retrieve guest netdev rx-filter (rhbz#848199)- qemu: add short document on qemu event handlers (rhbz#848199)- qemu: setup infrastructure to handle NIC_RX_FILTER_CHANGED event (rhbz#848199)- qemu: change macvtap device MAC address in response to NIC_RX_FILTER_CHANGED (rhbz#848199)- util: Functions to update host network device's multicast filter (rhbz#848199)- qemu: change macvtap multicast list in response to NIC_RX_FILTER_CHANGED (rhbz#848199)- virnetdev: Resolve Coverity DEADCODE (rhbz#848199)- virnetdev: Resolve Coverity FORWARD_NULL (rhbz#848199)- virnetdev: Resolve Coverity RESOURCE_LEAK (rhbz#848199)- lxc: improve error message for invalid blkiotune settings (rhbz#1131306)- qemu: improve error message for invalid blkiotune settings (rhbz#1131306)- Do not probe for power mgmt capabilities in lxc emulator (rhbz#1159227)- qemu: make advice from numad available when building commandline (rhbz#1138545)[1.2.8-5]- qemuPrepareNVRAM: Save domain after NVRAM path generation (rhbz#1026772)- Fix crash cpu_shares change event crash on domain startup (rhbz#1147494)- Don't verify CPU features with host-passthrough (rhbz#1147584)- Also filter out non-migratable features out of host-passthrough (rhbz#1147584)- selinux: Avoid label reservations for type = none (rhbz#1138487)- qemu: bulk stats: extend internal collection API (rhbz#1113116)- qemu: bulk stats: implement CPU stats group (rhbz#1113116)- qemu: bulk stats: implement balloon group (rhbz#1113116)- qemu: bulk stats: implement VCPU group (rhbz#1113116)- qemu: bulk stats: implement interface group (rhbz#1113116)- qemu: bulk stats: implement block group (rhbz#1113116)- virsh: add options to query bulk stats group (rhbz#1113116)- lib: De-duplicate stats group documentation for all stats functions (rhbz#1113116)- lib: Document that virConnectGetAllDomainStats may omit some stats fields (rhbz#1113116)- man: virsh: Add docs for supported stats groups (rhbz#1113116)- qemu: monitor: return block stats data as a hash to avoid disk mixup (rhbz#1113116)- qemu: monitor: Avoid shadowing variable 'devname' on FreeBSD (rhbz#1113116)- qemu: monitor: Add helper function to fill physical/virtual image size (rhbz#1113116)- qemu: bulk stats: add block allocation information (rhbz#1113116)- qemu: json: Fix missing break in error reporting function (rhbz#1113116)- qemu: monitor: Avoid shadowing variable 'devname' on FreeBSD. Again. (rhbz#1113116)- docs, conf, schema: add support for shmem device (rhbz#1126991)- qemu: add capability probing for ivshmem device (rhbz#1126991)- qemu: Build command line for ivshmem device (rhbz#1126991)- minor shmem clean-ups (rhbz#1126991)- virSecuritySELinuxSetTapFDLabel: Temporarily revert to old behavior (rhbz#1095636)- domain_conf: fix domain deadlock (CVE-2014-3657)- qemu: support relative backing for RHEL 7.0.z qemu (rhbz#1150322)- qemu: Fix hot unplug of SCSI_HOST device (rhbz#1141732)- qemu: Remove need for virConnectPtr in hotunplug detach host, net (rhbz#1141732)[1.2.8-4]- Fix libvirtd crash when removing metadata (rhbz#1143955)- Fix leak in x86UpdateHostModel (rhbz#1144303)- Move the FIPS detection from capabilities (rhbz#1135431)- qemu: raise an error when trying to use readonly sata disks (rhbz#1112939)- virsh-host: fix pagesize unit of freepages (rhbz#1145048)- nodeinfo: report error when given node is out of range (rhbz#1145050)- Fix typo of virNodeGetFreePages comment (rhbz#1145050)- nodeinfo: Prefer MIN in nodeGetFreePages (rhbz#1145050)- Fix bug with loading bridge name for active domain during libvirtd start (rhbz#1140085)- qemu: save image: Split out user provided XML checker (rhbz#1142693)- qemu: save image: Add possibility to return XML stored in the image (rhbz#1142693)- qemu: save image: Split out new definition check/update (rhbz#1142693)- qemu: save image: Split out checks done only when editing the save img (rhbz#1142693)- qemu: hook: Provide hook when restoring a domain save image (rhbz#1142693)- qemu: Expose additional migration statistics (rhbz#1013055)- qemu: Fix old tcp:host URIs more cleanly (rhbz#1013055)- qemu: Prepare support for arbitrary migration protocol (rhbz#1013055)- qemu: Add RDMA migration capabilities (rhbz#1013055)- qemu: RDMA migration support (rhbz#1013055)- qemu: Memory pre-pinning support for RDMA migration (rhbz#1013055)- qemu: Fix memory leak in RDMA migration code (rhbz#1013055)- schemas: finish virTristate{Bool, Switch} transition (rhbz#1139364)- conf: split out virtio net driver formatting (rhbz#1139364)- conf: remove redundant local variable (rhbz#1139364)- conf: add options for disabling segment offloading (rhbz#1139364)- qemu: wire up virtio-net segment offloading options (rhbz#1139364)- spec: Enable qemu driver for RHEL-7 on aarch64 (rhbz#1142448)- blkdeviotune: fix bug with saving values into live XML (rhbz#1146511)- security: Fix labelling host devices (rhbz#1146550)- qemu: Add missing goto on rawio (rhbz#1103739)- hostdev: Add 'rawio' attribute to _virDomainHostdevSubsysSCSI (rhbz#1103739)- qemu: Process the hostdev 'rawio' setting (rhbz#1103739)- util: Add function to check if a virStorageSource is 'empty' (rhbz#1138231)- util: storage: Allow metadata crawler to report useful errors (rhbz#1138231)- qemu: Sanitize argument names and empty disk check in qemuDomainDetermineDiskChain (rhbz#1138231)- qemu: Report better errors from broken backing chains (rhbz#1138231)- storage: Improve error message when traversing backing chains (rhbz#1138231)- qemu: Always re-detect backing chain (rhbz#1144922)- event: introduce new event for tunable values (rhbz#1115898)- tunable_event: extend debug message and tweak limit for remote message (rhbz#1115898)- add an example how to use tunable event (rhbz#1115898)- Fix MinGW build (rhbz#1115898)- event_example: cleanup example code for tunable event (rhbz#1115898)- cputune_event: queue the event for cputune updates (rhbz#1115898)- blkdeviotune: trigger tunable event for blkdeviotune updates (rhbz#1115898)- Rename tunable event constants (rhbz#1115898)- Fix typo s/EMULATORIN/EMULATORPIN/ (rhbz#1115898)- Check for NULL in qemu monitor event filter (rhbz#1144920)[1.2.8-3]- virsh: Move --completed from resume to domjobinfo (rhbz#1063724)- qemu_driver: Resolve Coverity COPY_PASTE_ERROR (rhbz#1141209)- virfile: Resolve Coverity DEADCODE (rhbz#1141209)- lxc: Resolve Coverity FORWARD_NULL (rhbz#1141209)- qemu: Resolve Coverity FORWARD_NULL (rhbz#1141209)- qemu: Resolve Coverity FORWARD_NULL (rhbz#1141209)- xen: Resolve Coverity NEGATIVE_RETURNS (rhbz#1141209)- qemu: Resolve Coverity NEGATIVE_RETURNS (rhbz#1141209)- qemu: Resolve Coverity NEGATIVE_RETURNS (rhbz#1141209)- virsh: Resolve Coverity NEGATIVE_RETURNS (rhbz#1141209)- daemon: Resolve Coverity RESOURCE_LEAK (rhbz#1141209)- domain_conf: Resolve Coverity COPY_PASTE_ERROR (rhbz#1141209)- storage_conf: Fix libvirtd crash when defining scsi storage pool (rhbz#1141943)- qemu: time: Report errors if agent command fails (rhbz#1142294)- util: storage: Copy driver type when initializing chain element (rhbz#1140984)- docs, conf, schema: add support for shared memory mapping (rhbz#1133144)- qemu: add support for shared memory mapping (rhbz#1133144)- rpc: reformat the flow to make a bit more sense (rhbz#927369)- remove redundant pidfile path constructions (rhbz#927369)- util: fix potential leak in error codepath (rhbz#927369)- util: get rid of unnecessary umask() call (rhbz#927369)- rpc: make daemon spawning a bit more intelligent (rhbz#927369)- conf: add backend element to interfaces (rhbz#1139362)- Wire up the interface backend options (rhbz#1139362)- CVE-2014-3633: qemu: blkiotune: Use correct definition when looking up disk (CVE-2014-3633)- qemu: fix crash with shared disks (rhbz#1142722)- nvram: Fix permissions (rhbz#1026772)- libvirt.spec: Fix permission even for libvirt-driver-qemu (rhbz#1026772)- virDomainUndefineFlags: Allow NVRAM unlinking (rhbz#1026772)- formatdomain: Update example to match the rest (rhbz#1026772)- domaincaps: Expose UEFI capability (rhbz#1026772)- qemu_capabilities: Change virQEMUCapsFillDomainCaps signature (rhbz#1026772)- domaincaps: Expose UEFI binary path, if it exists (rhbz#1026772)- domaincapstest: Run cleanly on systems missing OVMF firmware (rhbz#1026772)- conf: Disallow nonexistent NUMA nodes for hugepages (rhbz#1135396)- qemu: Honor hugepages for UMA domains (rhbz#1135396)- RHEL: Fix maxvcpus output (rhbz#1092363)- virsh: Add iothread to 'attach-disk' (rhbz#1101574)- qemu: Issue query-iothreads and to get list of active IOThreads (rhbz#1101574)- vircgroup: Introduce virCgroupNewIOThread (rhbz#1101574)- qemu_domain: Add niothreadpids and iothreadpids (rhbz#1101574)- qemu_cgroup: Introduce cgroup functions for IOThreads (rhbz#1101574)- qemu: Allow pinning specific IOThreads to a CPU (rhbz#1101574)- domain_conf: Add iothreadpin to cputune (rhbz#1101574)- vircgroup: Fix broken builds without cgroups (rhbz#1101574)- cputune: allow interleaved xml (rhbz#1101574)- qemu: Fix iothreads issue (rhbz#1101574)- qemu_cgroup: Adjust spacing around incrementor (rhbz#1101574)- qemu: Fix call in qemuDomainSetNumaParamsLive for virCgroupNewIOThread (rhbz#1101574)- qemu: Need to check for capability before query (rhbz#1101574)- qemu: Don't fail startup/attach for IOThreads if no JSON (rhbz#1101574)- Fixes for domains with no iothreads (rhbz#1101574)[1.2.8-2]- remote: Fix memory leak on error path when deserializing bulk stats (rhbz#1136350)- spec: Fix preun script for daemon (rhbz#1136736)- security: fix DH key generation when FIPS mode is on (rhbz#1128497)- tests: force FIPS testing mode with new enough GNU TLS versions (rhbz#1128497)- Don't include non-migratable features in host-model (rhbz#1138221)- qemu: Rename DEFAULT_JOB_MASK to QEMU_DEFAULT_JOB_MASK (rhbz#1134154)- qemu: snapshot: Fix job handling when creating snapshots (rhbz#1134154)- qemu: snapshot: Acquire job earlier on snapshot revert/delete (rhbz#1134154)- qemu: snapshot: Fix snapshot function header formatting and spacing (rhbz#1134154)- qemu: snapshot: Simplify error paths (rhbz#1134154)- qemu: Propagate QEMU errors during incoming migrations (rhbz#1090093)- Refactor job statistics (rhbz#1063724)- qemu: Avoid incrementing jobs_queued if virTimeMillisNow fails (rhbz#1063724)- Add support for fetching statistics of completed jobs (rhbz#1063724)- qemu: Silence coverity on optional migration stats (rhbz#1063724)- virsh: Add support for completed job stats (rhbz#1063724)- qemu: Transfer migration statistics to destination (rhbz#1063724)- qemu: Recompute downtime and total time when migration completes (rhbz#1063724)- qemu: Transfer recomputed stats back to source (rhbz#1063724)- conf: Extend and introduce (rhbz#1112257)- qemu: Implement extended loader and nvram (rhbz#1112257)- qemu: Automatically create NVRAM store (rhbz#1112257)[1.2.8-1]- Rebased to libvirt-1.2.8 (rhbz#1035158)- The rebase also fixes the following bugs: rhbz#927369, rhbz#957293, rhbz#999926, rhbz#1021703, rhbz#1043735 rhbz#1047818, rhbz#1062142, rhbz#1064770, rhbz#1072653, rhbz#1078126 rhbz#1095636, rhbz#1103245, rhbz#1119215, rhbz#1121837, rhbz#1121955 rhbz#1122455, rhbz#1126329, rhbz#1126721, rhbz#1126909, rhbz#1128097 rhbz#1128751, rhbz#1129207, rhbz#1129372, rhbz#1129998, rhbz#1130089 rhbz#1130379, rhbz#1131306, rhbz#1131445, rhbz#1131788, rhbz#1131811 rhbz#1131819, rhbz#1131876, rhbz#1132301, rhbz#1132305, rhbz#1132347[1.2.7-1]- Rebased to libvirt-1.2.7 (rhbz#1035158)- The rebase also fixes the following bugs: rhbz#823535, rhbz#872628, rhbz#874418, rhbz#878394, rhbz#880483 rhbz#921094, rhbz#963817, rhbz#964177, rhbz#967493, rhbz#967494 rhbz#972964, rhbz#983350, rhbz#985782, rhbz#985980, rhbz#990319 rhbz#990418, rhbz#991290, rhbz#992980, rhbz#994731, rhbz#995377 rhbz#997627, rhbz#997802, rhbz#1006700, rhbz#1007698, rhbz#1007759 rhbz#1010885, rhbz#1022874, rhbz#1023366, rhbz#1025407, rhbz#1027076 rhbz#1029266, rhbz#1029732, rhbz#1032363, rhbz#1033020, rhbz#1033398 rhbz#1033704, rhbz#1035128, rhbz#1046192, rhbz#1049038, rhbz#1052114 rhbz#1056902, rhbz#1062142, rhbz#1063837, rhbz#1066280, rhbz#1066894 rhbz#1067338, rhbz#1069552, rhbz#1069784, rhbz#1070680, rhbz#1072141 rhbz#1072677, rhbz#1073368, rhbz#1073506, rhbz#1074086, rhbz#1075290 rhbz#1075299, rhbz#1076957, rhbz#1076959, rhbz#1076960, rhbz#1076962 rhbz#1077009, rhbz#1077572, rhbz#1078590, rhbz#1079162, rhbz#1079173 rhbz#1080859, rhbz#1081881, rhbz#1081932, rhbz#1082124, rhbz#1083345 rhbz#1084360, rhbz#1085706, rhbz#1085769, rhbz#1086121, rhbz#1086331 rhbz#1086704, rhbz#1087104, rhbz#1087671, rhbz#1088293, rhbz#1088667 rhbz#1088787, rhbz#1088864, rhbz#1089179, rhbz#1089378, rhbz#1091132 rhbz#1091866, rhbz#1092038, rhbz#1092253, rhbz#1093127, rhbz#1095035 rhbz#1097028, rhbz#1097503, rhbz#1097677, rhbz#1097968, rhbz#1098659 rhbz#1099978, rhbz#1100086, rhbz#1100769, rhbz#1101059, rhbz#1101510 rhbz#1101987, rhbz#1101999, rhbz#1102426, rhbz#1102457, rhbz#1102611 rhbz#1104992, rhbz#1104993, rhbz#1105939, rhbz#1108593, rhbz#1110198 rhbz#1110212, rhbz#1110673, rhbz#1111044, rhbz#1112939, rhbz#1113332 rhbz#1113668, rhbz#1113751, rhbz#1113868, rhbz#1118710, rhbz#1119206 rhbz#1119387, rhbz#1119592, rhbz#1120474, rhbz#1122255, rhbz#1122973- spec: Enable qemu driver for RHEL-7 on ppc64 (rhbz#1120474)[1.2.6-1]- Rebased to libvirt-1.2.6 (rhbz#1035158)\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_tag(name : \"summary\", value : \"Oracle Linux Local Security Checks ELSA-2015-0323\");\nscript_xref(name : \"URL\" , value : \"http://linux.oracle.com/errata/ELSA-2015-0323.html\");\nscript_cve_id(\"CVE-2014-8136\",\"CVE-2015-0236\");\nscript_tag(name:\"cvss_base\", value:\"3.5\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:N/A:N\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Oracle Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~1.2.8~16.0.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libvirt-client\", rpm:\"libvirt-client~1.2.8~16.0.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libvirt-daemon\", rpm:\"libvirt-daemon~1.2.8~16.0.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libvirt-daemon-config-network\", rpm:\"libvirt-daemon-config-network~1.2.8~16.0.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libvirt-daemon-config-nwfilter\", rpm:\"libvirt-daemon-config-nwfilter~1.2.8~16.0.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libvirt-daemon-driver-interface\", rpm:\"libvirt-daemon-driver-interface~1.2.8~16.0.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libvirt-daemon-driver-lxc\", rpm:\"libvirt-daemon-driver-lxc~1.2.8~16.0.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libvirt-daemon-driver-network\", rpm:\"libvirt-daemon-driver-network~1.2.8~16.0.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libvirt-daemon-driver-nodedev\", rpm:\"libvirt-daemon-driver-nodedev~1.2.8~16.0.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libvirt-daemon-driver-nwfilter\", rpm:\"libvirt-daemon-driver-nwfilter~1.2.8~16.0.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libvirt-daemon-driver-qemu\", rpm:\"libvirt-daemon-driver-qemu~1.2.8~16.0.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libvirt-daemon-driver-secret\", rpm:\"libvirt-daemon-driver-secret~1.2.8~16.0.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage\", rpm:\"libvirt-daemon-driver-storage~1.2.8~16.0.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libvirt-daemon-kvm\", rpm:\"libvirt-daemon-kvm~1.2.8~16.0.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libvirt-daemon-lxc\", rpm:\"libvirt-daemon-lxc~1.2.8~16.0.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~1.2.8~16.0.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libvirt-docs\", rpm:\"libvirt-docs~1.2.8~16.0.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libvirt-lock-sanlock\", rpm:\"libvirt-lock-sanlock~1.2.8~16.0.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libvirt-login-shell\", rpm:\"libvirt-login-shell~1.2.8~16.0.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:43:33", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.2.8-16.0.1.el7", "arch": "x86_64", "packageFilename": "libvirt-daemon-driver-lxc-1.2.8-16.0.1.el7.x86_64.rpm", "packageName": "libvirt-daemon-driver-lxc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.2.8-16.0.1.el7", "arch": "x86_64", "packageFilename": "libvirt-daemon-config-nwfilter-1.2.8-16.0.1.el7.x86_64.rpm", "packageName": "libvirt-daemon-config-nwfilter", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.2.8-16.0.1.el7", "arch": "x86_64", "packageFilename": "libvirt-lock-sanlock-1.2.8-16.0.1.el7.x86_64.rpm", "packageName": "libvirt-lock-sanlock", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.2.8-16.0.1.el7", "arch": "i686", "packageFilename": "libvirt-client-1.2.8-16.0.1.el7.i686.rpm", "packageName": "libvirt-client", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.2.8-16.0.1.el7", "arch": "x86_64", "packageFilename": "libvirt-client-1.2.8-16.0.1.el7.x86_64.rpm", "packageName": "libvirt-client", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.2.8-16.0.1.el7", "arch": "x86_64", "packageFilename": "libvirt-daemon-lxc-1.2.8-16.0.1.el7.x86_64.rpm", "packageName": "libvirt-daemon-lxc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.2.8-16.0.1.el7", "arch": "x86_64", "packageFilename": "libvirt-daemon-driver-storage-1.2.8-16.0.1.el7.x86_64.rpm", "packageName": "libvirt-daemon-driver-storage", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.2.8-16.0.1.el7", "arch": "i686", "packageFilename": "libvirt-devel-1.2.8-16.0.1.el7.i686.rpm", "packageName": "libvirt-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.2.8-16.0.1.el7", "arch": "x86_64", "packageFilename": "libvirt-daemon-driver-interface-1.2.8-16.0.1.el7.x86_64.rpm", "packageName": "libvirt-daemon-driver-interface", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.2.8-16.0.1.el7", "arch": "x86_64", "packageFilename": "libvirt-daemon-driver-nwfilter-1.2.8-16.0.1.el7.x86_64.rpm", "packageName": "libvirt-daemon-driver-nwfilter", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.2.8-16.0.1.el7", "arch": "src", "packageFilename": "libvirt-1.2.8-16.0.1.el7.src.rpm", "packageName": "libvirt", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.2.8-16.0.1.el7", "arch": "x86_64", "packageFilename": "libvirt-login-shell-1.2.8-16.0.1.el7.x86_64.rpm", "packageName": "libvirt-login-shell", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.2.8-16.0.1.el7", "arch": "x86_64", "packageFilename": "libvirt-daemon-driver-qemu-1.2.8-16.0.1.el7.x86_64.rpm", "packageName": "libvirt-daemon-driver-qemu", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.2.8-16.0.1.el7", "arch": "x86_64", "packageFilename": "libvirt-daemon-driver-secret-1.2.8-16.0.1.el7.x86_64.rpm", "packageName": "libvirt-daemon-driver-secret", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.2.8-16.0.1.el7", "arch": "x86_64", "packageFilename": "libvirt-docs-1.2.8-16.0.1.el7.x86_64.rpm", "packageName": "libvirt-docs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.2.8-16.0.1.el7", "arch": "x86_64", "packageFilename": "libvirt-1.2.8-16.0.1.el7.x86_64.rpm", "packageName": "libvirt", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.2.8-16.0.1.el7", "arch": "x86_64", "packageFilename": "libvirt-daemon-driver-nodedev-1.2.8-16.0.1.el7.x86_64.rpm", "packageName": "libvirt-daemon-driver-nodedev", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.2.8-16.0.1.el7", "arch": "x86_64", "packageFilename": "libvirt-daemon-config-network-1.2.8-16.0.1.el7.x86_64.rpm", "packageName": "libvirt-daemon-config-network", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.2.8-16.0.1.el7", "arch": "x86_64", "packageFilename": "libvirt-devel-1.2.8-16.0.1.el7.x86_64.rpm", "packageName": "libvirt-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.2.8-16.0.1.el7", "arch": "x86_64", "packageFilename": "libvirt-daemon-1.2.8-16.0.1.el7.x86_64.rpm", "packageName": "libvirt-daemon", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.2.8-16.0.1.el7", "arch": "x86_64", "packageFilename": "libvirt-daemon-driver-network-1.2.8-16.0.1.el7.x86_64.rpm", "packageName": "libvirt-daemon-driver-network", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.2.8-16.0.1.el7", "arch": "x86_64", "packageFilename": "libvirt-daemon-kvm-1.2.8-16.0.1.el7.x86_64.rpm", "packageName": "libvirt-daemon-kvm", "operator": "lt"}], "description": "[1.2.8-16.0.1]\n- Replace docs/et.png in tarball with blank image\n[1.2.8-16]\n- qemu: don't setup cpuset.mems if memory mode in numatune is not 'strict' (rhbz#1186094)\n- lxc: don't setup cpuset.mems if memory mode in numatune is not 'strict' (rhbz#1186094)\n[1.2.8-15]\n- qemu: Add missing goto error in qemuRestoreCgroupState (rhbz#1161540)\n[1.2.8-14]\n- virNetworkDefUpdateIPDHCPHost: Don't crash when updating network (rhbz#1182486)\n- Format CPU features even for host-model (rhbz#1182448)\n- util: Add function virCgroupHasEmptyTasks (rhbz#1161540)\n- util: Add virNumaGetHostNodeset (rhbz#1161540)\n- qemu: Remove unnecessary qemuSetupCgroupPostInit function (rhbz#1161540)\n- qemu: Save numad advice into qemuDomainObjPrivate (rhbz#1161540)\n- qemu: Leave cpuset.mems in parent cgroup alone (rhbz#1161540)\n- qemu: Fix hotplugging cpus with strict memory pinning (rhbz#1161540)\n- util: Fix possible NULL dereference (rhbz#1161540)\n- qemu_driver: fix setting vcpus for offline domain (rhbz#1161540)\n- qemu: migration: Unlock vm on failed ACL check in protocol v2 APIs (CVE-2014-8136)\n- CVE-2015-0236: qemu: Check ACLs when dumping security info from save image (CVE-2015-0236)\n- CVE-2015-0236: qemu: Check ACLs when dumping security info from snapshots (CVE-2015-0236)\n- Check for domain liveness in qemuDomainObjExitMonitor (rhbz#1161024)\n- Mark the domain as active in qemuhotplugtest (rhbz#1161024)\n- Fix vmdef usage while in monitor in qemuDomainHotplugVcpus (rhbz#1161024)\n- Fix vmdef usage while in monitor in BlockStat* APIs (rhbz#1161024)\n- Fix vmdef usage while in monitor in qemu process (rhbz#1161024)\n- Fix vmdef usage after domain crash in monitor on device detach (rhbz#1161024)\n- Fix vmdef usage after domain crash in monitor on device attach (rhbz#1161024)\n[1.2.8-13]\n- conf: Fix memory leak when parsing invalid network XML (rhbz#1180136)\n- qxl: change the default value for vgamem_mb to 16 MiB (rhbz#1181052)\n- qemuxml2argvtest: Fix test after change of qxl vgamem_mb default (rhbz#1181052)\n- conf: fix crash when hotplug a channel chr device with no target (rhbz#1181408)\n- qemu: forbid second blockcommit during active commit (rhbz#1135339)\n- qemu_monitor: introduce new function to get QOM path (rhbz#1180574)\n- qemu_process: detect updated video ram size values from QEMU (rhbz#1180574)\n[1.2.8-12]\n- Fix hotplugging of block device-backed usb disks (rhbz#1175668)\n- qemu: Create memory-backend-{ram, file} iff needed (rhbz#1175397)\n- conf: Don't format actual network definition in migratable XML (rhbz#1177194)\n[1.2.8-11]\n- virsh: vol-upload disallow negative offset (rhbz#1087104)\n- storage: fix crash caused by no check return before set close (rhbz#1087104)\n- qemu: Fix virsh freeze when blockcopy storage file is removed (rhbz#1139567)\n- security: Manage SELinux labels on shared/readonly hostdev's (rhbz#1082521)\n- nwfilter: fix crash when adding non-existing nwfilter (rhbz#1169409)\n- conf: Fix libvirtd crash matching hostdev XML (rhbz#1174053)\n- qemu: Resolve Coverity REVERSE_INULL (rhbz#1172570)\n- CVE-2014-8131: Fix possible deadlock and segfault in qemuConnectGetAllDomainStats() (CVE-2014-8131)\n- qemu: bulk stats: Fix logic in monitor handling (rhbz#1172570)\n- qemu: avoid rare race when undefining domain (rhbz#1150505)\n- Do not format CPU features without a model (rhbz#1151885)\n- Ignore CPU features without a model for host-passthrough (rhbz#1151885)\n- Silently ignore MAC in NetworkLoadConfig (rhbz#1156367)\n- Generate a MAC when loading a config instead of package update (rhbz#1156367)\n- qemu: move setting emulatorpin ahead of monitor showing up (rhbz#1170484)\n- util: Introduce flags field for macvtap creation (rhbz#1081461)\n- network: Bring netdevs online later (rhbz#1081461)\n- qemu: always call qemuInterfaceStartDevices() when starting CPUs (rhbz#1081461)\n- qemu: add a qemuInterfaceStopDevices(), called when guest CPUs stop (rhbz#1081461)\n- conf: replace call to virNetworkFree() with virObjectUnref() (rhbz#1099210)\n- util: new functions for setting bridge and bridge port attributes (rhbz#1099210)\n- util: functions to manage bridge fdb (forwarding database) (rhbz#1099210)\n- conf: new network bridge device attribute macTableManager (rhbz#1099210)\n- network: save bridge name in ActualNetDef when actualType==network too (rhbz#1099210)\n- network: store network macTableManager setting in NetDef actual object (rhbz#1099210)\n- network: setup bridge devices for macTableManager='libvirt' (rhbz#1099210)\n- qemu: setup tap devices for macTableManager='libvirt' (rhbz#1099210)\n- qemu: add/remove bridge fdb entries as guest CPUs are started/stopped (rhbz#1099210)\n- virsh: document block.n.allocation stat (rhbz#1041569)\n- getstats: avoid memory leak on OOM (rhbz#1041569)\n- getstats: improve documentation (rhbz#1041569)\n- getstats: start giving offline block stats (rhbz#1041569)\n- getstats: add block.n.path stat (rhbz#1041569)\n- qemuMonitorJSONBlockStatsUpdateCapacity: Don't skip disks (rhbz#1041569)\n- getstats: prepare monitor collection for recursion (rhbz#1041569)\n- getstats: perform recursion in monitor collection (rhbz#1041569)\n- getstats: prepare for dynamic block.count stat (rhbz#1041569)\n- getstats: add new flag for block backing chain (rhbz#1041569)\n- getstats: split block stats reporting for easier recursion (rhbz#1041569)\n- getstats: crawl backing chain for qemu (rhbz#1041569)\n- logical: Add '--type snapshot' to lvcreate command (rhbz#1166592)\n[1.2.8-10]\n- qemu: add the missing jobinfo type in qemuDomainGetJobInfo (rhbz#1167883)\n- network: Fix upgrade from libvirt older than 1.2.4 (rhbz#1167145)\n- qemu: fix domain startup failing with 'strict' mode in numatune (rhbz#1168866)\n- qemu: Don't track quiesced state of FSs (rhbz#1160084)\n- qemu: fix block{commit,copy} abort handling (rhbz#1135169)\n[1.2.8-9]\n- doc: fix mismatched ACL attribute name (rhbz#1161358)\n- qemu: monitor: Rename and improve qemuMonitorGetPtyPaths (rhbz#1146944)\n- conf: Add channel state for virtio channels to the XML (rhbz#1146944)\n- qemu: Add handling for VSERPORT_CHANGE event (rhbz#1146944)\n- qemu: chardev: Extract more information about character devices (rhbz#1146944)\n- qemu: process: Refresh virtio channel guest state when connecting to mon (rhbz#1146944)\n- event: Add guest agent lifecycle event (rhbz#1146944)\n- examples: Add support for the guest agent lifecycle event (rhbz#1146944)\n- qemu: Emit the guest agent lifecycle event (rhbz#1146944)\n- internal: add macro to round value to the next closest power of 2 (rhbz#1076098)\n- video: cleanup usage of vram attribute and update documentation (rhbz#1076098)\n- QXL: fix setting ram and vram values for QEMU QXL device (rhbz#1076098)\n- caps: introduce new QEMU capability for vgamem_mb device property (rhbz#1076098)\n- qemu-command: use vram attribute for all video devices (rhbz#1076098)\n- qemu-command: introduce new vgamem attribute for QXL video device (rhbz#1076098)\n[1.2.8-8]\n- qemu: Fix crash in tunnelled migration (rhbz#1147331)\n- qemu: Really fix crash in tunnelled migration (rhbz#1147331)\n- qemu: Update fsfreeze status on domain state transitions (rhbz#1160084)\n- qemuPrepareNVRAM: Save domain conf only if domain's persistent (rhbz#1026772)\n- docs: Document NVRAM behavior on transient domains (rhbz#1026772)\n- Fix build in qemu_capabilities (rhbz#1165782)\n- qemu: Support OVMF on armv7l aarch64 guests (rhbz#1165782)\n- qemu: Drop OVMF whitelist (rhbz#1165782)\n- storage: Fix issue finding LU's when block doesn't exist (rhbz#1152382)\n- storage: Add thread to refresh for createVport (rhbz#1152382)\n- storage: qemu: Fix security labelling of new image chain elements (rhbz#1151718)\n- virsh: sync domdisplay help and manual (rhbz#997802)\n- docs: domain: Move docs for storage hosts under the \n element (rhbz#1164528)\n- test: virstoragetest: Add testing of network disk details (rhbz#1164528)\n- util: storage: Copy hosts of a storage file only if they exist (rhbz#1164528)\n- qemu: Refactor qemuBuildNetworkDriveURI to take a virStorageSourcePtr (rhbz#1164528)\n- tests: Reflow the expected output from RBD disk test (rhbz#1164528)\n- util: split out qemuParseRBDString into a common helper (rhbz#1164528)\n- util: storagefile: Split out parsing of NBD string into a separate func (rhbz#1164528)\n- storage: Allow parsing of RBD backing strings when building backing chain (rhbz#1164528)\n- storage: rbd: qemu: Add support for specifying internal RBD snapshots (rhbz#1164528)\n- storage: rbd: Implement support for passing config file option (rhbz#1164528)\n[1.2.8-7]\n- qemu: avoid rare race when undefining domain (rhbz#1150505)\n- qemu: stop NBD server after successful migration (rhbz#1160212)\n- Require at least one console for LXC domain (rhbz#1155410)\n- remote: Fix memory leak in remoteConnectGetAllDomainStats (rhbz#1158715)\n- CVE-2014-7823: dumpxml: security hole with migratable flag (CVE-2014-7823)\n- Free job statistics from the migration cookie (rhbz#1161124)\n- Fix virDomainChrEquals for spicevmc (rhbz#1162097)\n- network: fix call virNetworkEventLifecycleNew when networkStartNetwork fail (rhbz#1162915)\n- Do not crash on gluster snapshots with no host name (rhbz#1162974)\n- nwfilter: fix deadlock caused updating network device and nwfilter (rhbz#1143780)\n- util: eliminate 'use after free' in callers of virNetDevLinkDump (rhbz#1163463)\n- storage: Check for valid fc_host parent at startup (rhbz#1160565)\n- storage: Ensure fc_host parent matches wwnn/wwpn (rhbz#1160565)\n- storage: Don't use a stack copy of the adapter (rhbz#1160926)\n- storage: Introduce virStoragePoolSaveConfig (rhbz#1160926)\n- storage: Introduce 'managed' for the fchost parent (rhbz#1160926)\n- qemu: Always set migration capabilities (rhbz#1163953)\n[1.2.8-6]\n- qemu: support nospace reason in io error event (rhbz#1119784)\n- RHEL: Add support for QMP I/O error reason (rhbz#1119784)\n- nodeinfo: fix nodeGetFreePages when max node is zero (rhbz#1145048)\n- nodeGetFreePages: Push forgotten change (rhbz#1145048)\n- conf: tests: fix virDomainNetDefFormat for vhost-user in client mode (rhbz#1155458)\n- util: string: Add helper to check whether string is empty (rhbz#1142693)\n- qemu: restore: Fix restoring of VM when the restore hook returns empty XML (rhbz#1142693)\n- security_selinux: Don't relabel /dev/net/tun (rhbz#1095636)\n- qemu: Fix updating bandwidth limits in live XML (rhbz#1146511)\n- qemu: save domain status after set the blkio parameters (rhbz#1146511)\n- qemu: call qemuDomainObjBeginJob/qemuDomainObjEndJob in qemuDomainSetInterfaceParameters (rhbz#1146511)\n- qemu: save domain status after set domain's numa parameters (rhbz#1146511)\n- qemu: forbid snapshot-delete --children-only on external snapshot (rhbz#956506)\n- qemu: better error message when block job can't succeed (rhbz#1140981)\n- Reject live update of offloading options (rhbz#1155441)\n- virutil: Introduce virGetSCSIHostNumber (rhbz#1146837)\n- virutil: Introduce virGetSCSIHostNameByParentaddr (rhbz#1146837)\n- storage_conf: Resolve libvirtd crash matching scsi_host (rhbz#1146837)\n- Match scsi_host pools by parent address first (rhbz#1146837)\n- Relax duplicate SCSI host pool checking (rhbz#1146837)\n- qemu: Remove possible NULL deref in debug output (rhbz#1141621)\n- virsh: Adjust the text in man page regarding qemu-attach (rhbz#1141621)\n- hotplug: Check for alias in controller detach (rhbz#1141621)\n- hotplug: Check for alias in disk detach (rhbz#1141621)\n- hotplug: Check for alias in hostdev detach (rhbz#1141621)\n- hotplug: Check for alias in chrdev detach (rhbz#1141621)\n- hotplug: Check for alias in net detach (rhbz#1141621)\n- qemu-attach: Assign device aliases (rhbz#1141621)\n- hotplug: fix char device detach (rhbz#1141621)\n- storage: Fix crash when parsing backing store URI with schema (rhbz#1156288)\n- remote: fix jump depends on uninitialised value (rhbz#1158715)\n- qemu: Release nbd port from migrationPorts instead of remotePorts (rhbz#1159245)\n- conf: add trustGuestRxFilters attribute to network and domain interface (rhbz#848199)\n- network: set interface actual trustGuestRxFilters from network/portgroup (rhbz#848199)\n- util: define virNetDe v R x F i l t e r a n d b a s i c u t i l i t y f u n c t i o n s ( r h b z # 8 4 8 1 9 9 ) b r > - q e m u : q e m u M o n i t o r Q u e r y R x F i l t e r - r e t r i e v e g u e s t n e t d e v r x - f i l t e r ( r h b z # 8 4 8 1 9 9 ) b r > - q e m u : a d d s h o r t d o c u m e n t o n q e m u e v e n t h a n d l e r s ( r h b z # 8 4 8 1 9 9 ) b r > - q e m u : s e t u p i n f r a s t r u c t u r e t o h a n d l e N I C _ R X _ F I L T E R _ C H A N G E D e v e n t ( r h b z # 8 4 8 1 9 9 ) b r > - q e m u : c h a n g e m a c v t a p d e v i c e M A C a d d r e s s i n r e s p o n s e t o N I C _ R X _ F I L T E R _ C H A N G E D ( r h b z # 8 4 8 1 9 9 ) b r > - u t i l : F u n c t i o n s t o u p d a t e h o s t n e t w o r k d e v i c e ' s m u l t i c a s t f i l t e r ( r h b z # 8 4 8 1 9 9 ) b r > - q e m u : c h a n g e m a c v t a p m u l t i c a s t l i s t i n r e s p o n s e t o N I C _ R X _ F I L T E R _ C H A N G E D ( r h b z # 8 4 8 1 9 9 ) b r > - v i r n e t d e v : R e s o l v e C o v e r i t y D E A D C O D E ( r h b z # 8 4 8 1 9 9 ) b r > - v i r n e t d e v : R e s o l v e C o v e r i t y F O R W A R D _ N U L L ( r h b z # 8 4 8 1 9 9 ) b r > - v i r n e t d e v : R e s o l v e C o v e r i t y R E S O U R C E _ L E A K ( r h b z # 8 4 8 1 9 9 ) b r > - l x c : i m p r o v e e r r o r m e s s a g e f o r i n v a l i d b l k i o t u n e s e t t i n g s ( r h b z # 1 1 3 1 3 0 6 ) b r > - q e m u : i m p r o v e e r r o r m e s s a g e f o r i n v a l i d b l k i o t u n e s e t t i n g s ( r h b z # 1 1 3 1 3 0 6 ) b r > - D o n o t p r o b e f o r p o w e r m g m t c a p a b i l i t i e s i n l x c e m u l a t o r ( r h b z # 1 1 5 9 2 2 7 ) b r > - q e m u : m a k e a d v i c e f r o m n u m a d a v a i l a b l e w h e n b u i l d i n g c o m m a n d l i n e ( r h b z # 1 1 3 8 5 4 5 ) b r > b r > [ 1 . 2 . 8 - 5 ] b r > - q e m u P r e p a r e N V R A M : S a v e d o m a i n a f t e r N V R A M p a t h g e n e r a t i o n ( r h b z # 1 0 2 6 7 7 2 ) b r > - F i x c r a s h c p u _ s h a r e s c h a n g e e v e n t c r a s h o n d o m a i n s t a r t u p ( r h b z # 1 1 4 7 4 9 4 ) b r > - D o n ' t v e r i f y C P U f e a t u r e s w i t h h o s t - p a s s t h r o u g h ( r h b z # 1 1 4 7 5 8 4 ) b r > - A l s o f i l t e r o u t n o n - m i g r a t a b l e f e a t u r e s o u t o f h o s t - p a s s t h r o u g h ( r h b z # 1 1 4 7 5 8 4 ) b r > - s e l i n u x : A v o i d l a b e l r e s e r v a t i o n s f o r t y p e = n o n e ( r h b z # 1 1 3 8 4 8 7 ) b r > - q e m u : b u l k s t a t s : e x t e n d i n t e r n a l c o l l e c t i o n A P I ( r h b z # 1 1 1 3 1 1 6 ) b r > - q e m u : b u l k s t a t s : i m p l e m e n t C P U s t a t s g r o u p ( r h b z # 1 1 1 3 1 1 6 ) b r > - q e m u : b u l k s t a t s : i m p l e m e n t b a l l o o n g r o u p ( r h b z # 1 1 1 3 1 1 6 ) b r > - q e m u : b u l k s t a t s : i m p l e m e n t V C P U g r o u p ( r h b z # 1 1 1 3 1 1 6 ) b r > - q e m u : b u l k s t a t s : i m p l e m e n t i n t e r f a c e g r o u p ( r h b z # 1 1 1 3 1 1 6 ) b r > - q e m u : b u l k s t a t s : i m p l e m e n t b l o c k g r o u p ( r h b z # 1 1 1 3 1 1 6 ) b r > - v i r s h : a d d o p t i o n s t o q u e r y b u l k s t a t s g r o u p ( r h b z # 1 1 1 3 1 1 6 ) b r > - l i b : D e - d u p l i c a t e s t a t s g r o u p d o c u m e n t a t i o n f o r a l l s t a t s f u n c t i o n s ( r h b z # 1 1 1 3 1 1 6 ) b r > - l i b : D o c u m e n t t h a t v i r C o n n e c t G e t A l l D o m a i n S t a t s m a y o m i t s o m e s t a t s f i e l d s ( r h b z # 1 1 1 3 1 1 6 ) b r > - m a n : v i r s h : A d d d o c s f o r s u p p o r t e d s t a t s g r o u p s ( r h b z # 1 1 1 3 1 1 6 ) b r > - q e m u : m o n i t o r : r e t u r n b l o c k s t a t s d a t a a s a h a s h t o a v o i d d i s k m i x u p ( r h b z # 1 1 1 3 1 1 6 ) b r > - q e m u : m o n i t o r : A v o i d s h a d o w i n g v a r i a b l e ' d e v n a m e ' o n F r e e B S D ( r h b z # 1 1 1 3 1 1 6 ) b r > - q e m u : m o n i t o r : A d d h e l p e r f u n c t i o n t o f i l l p h y s i c a l / v i r t u a l i m a g e s i z e ( r h b z # 1 1 1 3 1 1 6 ) b r > - q e m u : b u l k s t a t s : a d d b l o c k a l l o c a t i o n i n f o r m a t i o n ( r h b z # 1 1 1 3 1 1 6 ) b r > - q e m u : j s o n : F i x m i s s i n g b r e a k i n e r r o r r e p o r t i n g f u n c t i o n ( r h b z # 1 1 1 3 1 1 6 ) b r > - q e m u : m o n i t o r : A v o i d s h a d o w i n g v a r i a b l e ' d e v n a m e ' o n F r e e B S D . A g a i n . ( r h b z # 1 1 1 3 1 1 6 ) b r > - d o c s , c o n f , s c h e m a : a d d s u p p o r t f o r s h m e m d e v i c e ( r h b z # 1 1 2 6 9 9 1 ) b r > - q e m u : a d d c a p a b i l i t y p r o b i n g f o r i v s h m e m d e v i c e ( r h b z # 1 1 2 6 9 9 1 ) b r > - q e m u : B u i l d c o m m a n d l i n e f o r i v s h m e m d e v i c e ( r h b z # 1 1 2 6 9 9 1 ) b r > - m i n o r s h m e m c l e a n - u p s ( r h b z # 1 1 2 6 9 9 1 ) b r > - v i r S e c u r i t y S E L i n u x S e t T a p F D L a b e l : T e m p o r a r i l y r e v e r t t o o l d b e h a v i o r ( r h b z # 1 0 9 5 6 3 6 ) b r > - d o m a i n _ c o n f : f i x d o m a i n d e a d l o c k ( C V E - 2 0 1 4 - 3 6 5 7 ) b r > - q e m u : s u p p o r t r e l a t i v e b a c k i n g f o r R H E L 7 . 0 . z q e m u ( r h b z # 1 1 5 0 3 2 2 ) b r > - q e m u : F i x h o t u n p l u g o f S C S I _ H O S T d e v i c e ( r h b z # 1 1 4 1 7 3 2 ) b r > - q e m u : R e m o v e n e e d f o r v i r C o n n e c t P t r i n h o t u n p l u g d e t a c h h o s t , n e t ( r h b z # 1 1 4 1 7 3 2 ) b r > b r > [ 1 . 2 . 8 - 4 ] b r > - F i x l i b v i r t d c r a s h w h e n r e m o v i n g m e t a d a t a ( r h b z # 1 1 4 3 9 5 5 ) b r > - F i x l e a k i n x 8 6 U p d a t e H o s t M o d e l ( r h b z # 1 1 4 4 3 0 3 ) b r > - M o v e t h e F I P S d e t e c t i o n f r o m c a p a b i l i t i e s ( r h b z # 1 1 3 5 4 3 1 ) b r > - q e m u : r a i s e a n e r r o r w h e n t r y i n g t o u s e r e a d o n l y s a t a d i s k s ( r h b z # 1 1 1 2 9 3 9 ) b r > - v i r s h - h o s t : f i x p a g e s i z e u n i t o f f r e e p a g e s ( r h b z # 1 1 4 5 0 4 8 ) b r > - n o d e i n f o : r e p o r t e r r o r w h e n g i v e n n o d e i s o u t o f r a n g e ( r h b z # 1 1 4 5 0 5 0 ) b r > - F i x t y p o o f v i r N o d e G e t F r e e P a g e s c o m m e n t ( r h b z # 1 1 4 5 0 5 0 ) b r > - n o d e i n f o : P r e f e r M I N i n n o d e G e t F r e e P a g e s ( r h b z # 1 1 4 5 0 5 0 ) b r > - F i x b u g w i t h l o a d i n g b r i d g e n a m e f o r a c t i v e d o m a i n d u r i n g l i b v i r t d s t a r t ( r h b z # 1 1 4 0 0 8 5 ) b r > - q e m u : s a v e i m a g e : S p l i t o u t u s e r p r o v i d e d X M L c h e c k e r ( r h b z # 1 1 4 2 6 9 3 ) b r > - q e m u : s a v e i m a g e : A d d p o s s i b i l i t y t o r e t u r n X M L s t o r e d i n t h e i m a g e ( r h b z # 1 1 4 2 6 9 3 ) b r > - q e m u : s a v e i m a g e : S p l i t o u t n e w d e f i n i t i o n c h e c k / u p d a t e ( r h b z # 1 1 4 2 6 9 3 ) b r > - q e m u : s a v e i m a g e : S p l i t o u t c h e c k s d o n e o n l y w h e n e d i t i n g t h e s a v e i m g ( r h b z # 1 1 4 2 6 9 3 ) b r > - q e m u : h o o k : P r o v i d e h o o k w h e n r e s t o r i n g a d o m a i n s a v e i m a g e ( r h b z # 1 1 4 2 6 9 3 ) b r > - q e m u : E x p o s e a d d i t i o n a l m i g r a t i o n s t a t i s t i c s ( r h b z # 1 0 1 3 0 5 5 ) b r > - q e m u : F i x o l d t c p : h o s t U R I s m o r e c l e a n l y ( r h b z # 1 0 1 3 0 5 5 ) b r > - q e m u : P r e p a r e s u p p o r t f o r a r b i t r a r y m i g r a t i o n p r o t o c o l ( r h b z # 1 0 1 3 0 5 5 ) b r > - q e m u : A d d R D M A m i g r a t i o n c a p a b i l i t i e s ( r h b z # 1 0 1 3 0 5 5 ) b r > - q e m u : R D M A m i g r a t i o n s u p p o r t ( r h b z # 1 0 1 3 0 5 5 ) b r > - q e m u : M e m o r y p r e - p i n n i n g s u p p o r t f o r R D M A m i g r a t i o n ( r h b z # 1 0 1 3 0 5 5 ) b r > - q e m u : F i x m e m o r y l e a k i n R D M A m i g r a t i o n c o d e ( r h b z # 1 0 1 3 0 5 5 ) b r > - s c h e m a s : f i n i s h v i r T r i s t a t e { B o o l , S w i t c h } t r a n s i t i o n ( r h b z # 1 1 3 9 3 6 4 ) b r > - c o n f : s p l i t o u t v i r t i o n e t d r i v e r f o r m a t t i n g ( r h b z # 1 1 3 9 3 6 4 ) b r > - c o n f : r e m o v e r e d u n d a n t l o c a l v a r i a b l e ( r h b z # 1 1 3 9 3 6 4 ) b r > - c o n f : a d d o p t i o n s f o r d i s a b l i n g s e g m e n t o f f l o a d i n g ( r h b z # 1 1 3 9 3 6 4 ) b r > - q e m u : w i r e u p v i r t i o - n e t s e g m e n t o f f l o a d i n g o p t i o n s ( r h b z # 1 1 3 9 3 6 4 ) b r > - s p e c : E n a b l e q e m u d r i v e r f o r R H E L - 7 o n a a r c h 6 4 ( r h b z # 1 1 4 2 4 4 8 ) b r > - b l k d e v i o t u n e : f i x b u g w i t h s a v i n g v a l u e s i n t o l i v e X M L ( r h b z # 1 1 4 6 5 1 1 ) b r > - s e c u r i t y : F i x l a b e l l i n g h o s t d e v i c e s ( r h b z # 1 1 4 6 5 5 0 ) b r > - q e m u : A d d m i s s i n g g o t o o n r a w i o ( r h b z # 1 1 0 3 7 3 9 ) b r > - h o s t d e v : A d d ' r a w i o ' a t t r i b u t e t o _ v i r D o m a i n H o s t d e v S u b s y s S C S I ( r h b z # 1 1 0 3 7 3 9 ) b r > - q e m u : P r o c e s s t h e h o s t d e v ' r a w i o ' s e t t i n g ( r h b z # 1 1 0 3 7 3 9 ) b r > - u t i l : A d d f u n c t i o n t o c h e c k i f a v i r S t o r a g e S o u r c e i s ' e m p t y ' ( r h b z # 1 1 3 8 2 3 1 ) b r > - u t i l : s t o r a g e : A l l o w m e t a d a t a c r a w l e r t o r e p o r t u s e f u l e r r o r s ( r h b z # 1 1 3 8 2 3 1 ) b r > - q e m u : S a n i t i z e a r g u m e n t n a m e s a n d e m p t y d i s k c h e c k i n q e m u D o m a i n D e t e r m i n e D i s k C h a i n ( r h b z # 1 1 3 8 2 3 1 ) b r > - q e m u : R e p o r t b e t t e r e r r o r s f r o m b r o k e n b a c k i n g c h a i n s ( r h b z # 1 1 3 8 2 3 1 ) b r > - s t o r a g e : I m p r o v e e r r o r m e s s a g e w h e n t r a v e r s i n g b a c k i n g c h a i n s ( r h b z # 1 1 3 8 2 3 1 ) b r > - q e m u : A l w a y s r e - d e t e c t b a c k i n g c h a i n ( r h b z # 1 1 4 4 9 2 2 ) b r > - e v e n t : i n t r o d u c e n e w e v e n t f o r t u n a b l e v a l u e s ( r h b z # 1 1 1 5 8 9 8 ) b r > - t u n a b l e _ e v e n t : e x t e n d d e b u g m e s s a g e a n d t w e a k l i m i t f o r r e m o t e m e s s a g e ( r h b z # 1 1 1 5 8 9 8 ) b r > - a d d a n e x a m p l e h o w t o u s e t u n a b l e e v e n t ( r h b z # 1 1 1 5 8 9 8 ) b r > - F i x M i n G W b u i l d ( r h b z # 1 1 1 5 8 9 8 ) b r > - e v e n t _ e x a m p l e : c l e a n u p e x a m p l e c o d e f o r t u n a b l e e v e n t ( r h b z # 1 1 1 5 8 9 8 ) b r > - c p u t u n e _ e v e n t : q u e u e t h e e v e n t f o r c p u t u n e u p d a t e s ( r h b z # 1 1 1 5 8 9 8 ) b r > - b l k d e v i o t u n e : t r i g g e r t u n a b l e e v e n t f o r b l k d e v i o t u n e u p d a t e s ( r h b z # 1 1 1 5 8 9 8 ) b r > - R e n a m e t u n a b l e e v e n t c o n s t a n t s ( r h b z # 1 1 1 5 8 9 8 ) b r > - F i x t y p o s / E M U L A T O R I N / E M U L A T O R P I N / ( r h b z # 1 1 1 5 8 9 8 ) b r > - C h e c k f o r N U L L i n q e m u m o n i t o r e v e n t f i l t e r ( r h b z # 1 1 4 4 9 2 0 ) b r > b r > [ 1 . 2 . 8 - 3 ] b r > - v i r s h : M o v e - - c o m p l e t e d f r o m r e s u m e t o d o m j o b i n f o ( r h b z # 1 0 6 3 7 2 4 ) b r > - q e m u _ d r i v e r : R e s o l v e C o v e r i t y C O P Y _ P A S T E _ E R R O R ( r h b z # 1 1 4 1 2 0 9 ) b r > - v i r f i l e : R e s o l v e C o v e r i t y D E A D C O D E ( r h b z # 1 1 4 1 2 0 9 ) b r > - l x c : R e s o l v e C o v e r i t y F O R W A R D _ N U L L ( r h b z # 1 1 4 1 2 0 9 ) b r > - q e m u : R e s o l v e C o v e r i t y F O R W A R D _ N U L L ( r h b z # 1 1 4 1 2 0 9 ) b r > - q e m u : R e s o l v e C o v e r i t y F O R W A R D _ N U L L ( r h b z # 1 1 4 1 2 0 9 ) b r > - x e n : R e s o l v e C o v e r i t y N E G A T I V E _ R E T U R N S ( r h b z # 1 1 4 1 2 0 9 ) b r > - q e m u : R e s o l v e C o v e r i t y N E G A T I V E _ R E T U R N S ( r h b z # 1 1 4 1 2 0 9 ) b r > - q e m u : R e s o l v e C o v e r i t y N E G A T I V E _ R E T U R N S ( r h b z # 1 1 4 1 2 0 9 ) b r > - v i r s h : R e s o l v e C o v e r i t y N E G A T I V E _ R E T U R N S ( r h b z # 1 1 4 1 2 0 9 ) b r > - d a e m o n : R e s o l v e C o v e r i t y R E S O U R C E _ L E A K ( r h b z # 1 1 4 1 2 0 9 ) b r > - d o m a i n _ c o n f : R e s o l v e C o v e r i t y C O P Y _ P A S T E _ E R R O R ( r h b z # 1 1 4 1 2 0 9 ) b r > - s t o r a g e _ c o n f : F i x l i b v i r t d c r a s h w h e n d e f i n i n g s c s i s t o r a g e p o o l ( r h b z # 1 1 4 1 9 4 3 ) b r > - q e m u : t i m e : R e p o r t e r r o r s i f a g e n t c o m m a n d f a i l s ( r h b z # 1 1 4 2 2 9 4 ) b r > - u t i l : s t o r a g e : C o p y d r i v e r t y p e w h e n i n i t i a l i z i n g c h a i n e l e m e n t ( r h b z # 1 1 4 0 9 8 4 ) b r > - d o c s , c o n f , s c h e m a : a d d s u p p o r t f o r s h a r e d m e m o r y m a p p i n g ( r h b z # 1 1 3 3 1 4 4 ) b r > - q e m u : a d d s u p p o r t f o r s h a r e d m e m o r y m a p p i n g ( r h b z # 1 1 3 3 1 4 4 ) b r > - r p c : r e f o r m a t t h e f l o w t o m a k e a b i t m o r e s e n s e ( r h b z # 9 2 7 3 6 9 ) b r > - r e m o v e r e d u n d a n t p i d f i l e p a t h c o n s t r u c t i o n s ( r h b z # 9 2 7 3 6 9 ) b r > - u t i l : f i x p o t e n t i a l l e a k i n e r r o r c o d e p a t h ( r h b z # 9 2 7 3 6 9 ) b r > - u t i l : g e t r i d o f u n n e c e s s a r y u m a s k ( ) c a l l ( r h b z # 9 2 7 3 6 9 ) b r > - r p c : m a k e d a e m o n s p a w n i n g a b i t m o r e i n t e l l i g e n t ( r h b z # 9 2 7 3 6 9 ) b r > - c o n f : a d d b a c k e n d e l e m e n t t o i n t e r f a c e s ( r h b z # 1 1 3 9 3 6 2 ) b r > - W i r e u p t h e i n t e r f a c e b a c k e n d o p t i o n s ( r h b z # 1 1 3 9 3 6 2 ) b r > - C V E - 2 0 1 4 - 3 6 3 3 : q e m u : b l k i o t u n e : U s e c o r r e c t d e f i n i t i o n w h e n l o o k i n g u p d i s k ( C V E - 2 0 1 4 - 3 6 3 3 ) b r > - q e m u : f i x c r a s h w i t h s h a r e d d i s k s ( r h b z # 1 1 4 2 7 2 2 ) b r > - n v r a m : F i x p e r m i s s i o n s ( r h b z # 1 0 2 6 7 7 2 ) b r > - l i b v i r t . s p e c : F i x p e r m i s s i o n e v e n f o r l i b v i r t - d r i v e r - q e m u ( r h b z # 1 0 2 6 7 7 2 ) b r > - v i r D o m a i n U n d e f i n e F l a g s : A l l o w N V R A M u n l i n k i n g ( r h b z # 1 0 2 6 7 7 2 ) b r > - f o r m a t d o m a i n : U p d a t e l o a d e r / > e x a m p l e t o m a t c h t h e r e s t ( r h b z # 1 0 2 6 7 7 2 ) b r > - d o m a i n c a p s : E x p o s e U E F I c a p a b i l i t y ( r h b z # 1 0 2 6 7 7 2 ) b r > - q e m u _ c a p a b i l i t i e s : C h a n g e v i r Q E M U C a p s F i l l D o m a i n C a p s s i g n a t u r e ( r h b z # 1 0 2 6 7 7 2 ) b r > - d o m a i n c a p s : E x p o s e U E F I b i n a r y p a t h , i f i t e x i s t s ( r h b z # 1 0 2 6 7 7 2 ) b r > - d o m a i n c a p s t e s t : R u n c l e a n l y o n s y s t e m s m i s s i n g O V M F f i r m w a r e ( r h b z # 1 0 2 6 7 7 2 ) b r > - c o n f : D i s a l l o w n o n e x i s t e n t N U M A n o d e s f o r h u g e p a g e s ( r h b z # 1 1 3 5 3 9 6 ) b r > - q e m u : H o n o r h u g e p a g e s f o r U M A d o m a i n s ( r h b z # 1 1 3 5 3 9 6 ) b r > - R H E L : F i x m a x v c p u s o u t p u t ( r h b z # 1 0 9 2 3 6 3 ) b r > - v i r s h : A d d i o t h r e a d t o ' a t t a c h - d i s k ' ( r h b z # 1 1 0 1 5 7 4 ) b r > - q e m u : I s s u e q u e r y - i o t h r e a d s a n d t o g e t l i s t o f a c t i v e I O T h r e a d s ( r h b z # 1 1 0 1 5 7 4 ) b r > - v i r c g r o u p : I n t r o d u c e v i r C g r o u p N e w I O T h r e a d ( r h b z # 1 1 0 1 5 7 4 ) b r > - q e m u _ d o m a i n : A d d n i o t h r e a d p i d s a n d i o t h r e a d p i d s ( r h b z # 1 1 0 1 5 7 4 ) b r > - q e m u _ c g r o u p : I n t r o d u c e c g r o u p f u n c t i o n s f o r I O T h r e a d s ( r h b z # 1 1 0 1 5 7 4 ) b r > - q e m u : A l l o w p i n n i n g s p e c i f i c I O T h r e a d s t o a C P U ( r h b z # 1 1 0 1 5 7 4 ) b r > - d o m a i n _ c o n f : A d d i o t h r e a d p i n t o c p u t u n e ( r h b z # 1 1 0 1 5 7 4 ) b r > - v i r c g r o u p : F i x b r o k e n b u i l d s w i t h o u t c g r o u p s ( r h b z # 1 1 0 1 5 7 4 ) b r > - c p u t u n e : a l l o w i n t e r l e a v e d x m l ( r h b z # 1 1 0 1 5 7 4 ) b r > - q e m u : F i x i o t h r e a d s i s s u e ( r h b z # 1 1 0 1 5 7 4 ) b r > - q e m u _ c g r o u p : A d j u s t s p a c i n g a r o u n d i n c r e m e n t o r ( r h b z # 1 1 0 1 5 7 4 ) b r > - q e m u : F i x c a l l i n q e m u D o m a i n S e t N u m a P a r a m s L i v e f o r v i r C g r o u p N e w I O T h r e a d ( r h b z # 1 1 0 1 5 7 4 ) b r > - q e m u : N e e d t o c h e c k f o r c a p a b i l i t y b e f o r e q u e r y ( r h b z # 1 1 0 1 5 7 4 ) b r > - q e m u : D o n ' t f a i l s t a r t u p / a t t a c h f o r I O T h r e a d s i f n o J S O N ( r h b z # 1 1 0 1 5 7 4 ) b r > - F i x e s f o r d o m a i n s w i t h n o i o t h r e a d s ( r h b z # 1 1 0 1 5 7 4 ) b r > b r > [ 1 . 2 . 8 - 2 ] b r > - r e m o t e : F i x m e m o r y l e a k o n e r r o r p a t h w h e n d e s e r i a l i z i n g b u l k s t a t s ( r h b z # 1 1 3 6 3 5 0 ) b r > - s p e c : F i x p r e u n s c r i p t f o r d a e m o n ( r h b z # 1 1 3 6 7 3 6 ) b r > - s e c u r i t y : f i x D H k e y g e n e r a t i o n w h e n F I P S m o d e i s o n ( r h b z # 1 1 2 8 4 9 7 ) b r > - t e s t s : f o r c e F I P S t e s t i n g m o d e w i t h n e w e n o u g h G N U T L S v e r s i o n s ( r h b z # 1 1 2 8 4 9 7 ) b r > - D o n ' t i n c l u d e n o n - m i g r a t a b l e f e a t u r e s i n h o s t - m o d e l ( r h b z # 1 1 3 8 2 2 1 ) b r > - q e m u : R e n a m e D E F A U L T _ J O B _ M A S K t o Q E M U _ D E F A U L T _ J O B _ M A S K ( r h b z # 1 1 3 4 1 5 4 ) b r > - q e m u : s n a p s h o t : F i x j o b h a n d l i n g w h e n c r e a t i n g s n a p s h o t s ( r h b z # 1 1 3 4 1 5 4 ) b r > - q e m u : s n a p s h o t : A c q u i r e j o b e a r l i e r o n s n a p s h o t r e v e r t / d e l e t e ( r h b z # 1 1 3 4 1 5 4 ) b r > - q e m u : s n a p s h o t : F i x s n a p s h o t f u n c t i o n h e a d e r f o r m a t t i n g a n d s p a c i n g ( r h b z # 1 1 3 4 1 5 4 ) b r > - q e m u : s n a p s h o t : S i m p l i f y e r r o r p a t h s ( r h b z # 1 1 3 4 1 5 4 ) b r > - q e m u : P r o p a g a t e Q E M U e r r o r s d u r i n g i n c o m i n g m i g r a t i o n s ( r h b z # 1 0 9 0 0 9 3 ) b r > - R e f a c t o r j o b s t a t i s t i c s ( r h b z # 1 0 6 3 7 2 4 ) b r > - q e m u : A v o i d i n c r e m e n t i n g j o b s _ q u e u e d i f v i r T i m e M i l l i s N o w f a i l s ( r h b z # 1 0 6 3 7 2 4 ) b r > - A d d s u p p o r t f o r f e t c h i n g s t a t i s t i c s o f c o m p l e t e d j o b s ( r h b z # 1 0 6 3 7 2 4 ) b r > - q e m u : S i l e n c e c o v e r i t y o n o p t i o n a l m i g r a t i o n s t a t s ( r h b z # 1 0 6 3 7 2 4 ) b r > - v i r s h : A d d s u p p o r t f o r c o m p l e t e d j o b s t a t s ( r h b z # 1 0 6 3 7 2 4 ) b r > - q e m u : T r a n s f e r m i g r a t i o n s t a t i s t i c s t o d e s t i n a t i o n ( r h b z # 1 0 6 3 7 2 4 ) b r > - q e m u : R e c o m p u t e d o w n t i m e a n d t o t a l t i m e w h e n m i g r a t i o n c o m p l e t e s ( r h b z # 1 0 6 3 7 2 4 ) b r > - q e m u : T r a n s f e r r e c o m p u t e d s t a t s b a c k t o s o u r c e ( r h b z # 1 0 6 3 7 2 4 ) b r > - c o n f : E x t e n d l o a d e r / > a n d i n t r o d u c e n v r a m / > ( r h b z # 1 1 1 2 2 5 7 ) b r > - q e m u : I m p l e m e n t e x t e n d e d l o a d e r a n d n v r a m ( r h b z # 1 1 1 2 2 5 7 ) b r > - q e m u : A u t o m a t i c a l l y c r e a t e N V R A M s t o r e ( r h b z # 1 1 1 2 2 5 7 ) b r > b r > [ 1 . 2 . 8 - 1 ] b r > - R e b a s e d t o l i b v i r t - 1 . 2 . 8 ( r h b z # 1 0 3 5 1 5 8 ) b r > - T h e r e b a s e a l s o f i x e s t h e f o l l o w i n g b u g s : b r > r h b z # 9 2 7 3 6 9 , r h b z # 9 5 7 2 9 3 , r h b z # 9 9 9 9 2 6 , r h b z # 1 0 2 1 7 0 3 , r h b z # 1 0 4 3 7 3 5 b r > r h b z # 1 0 4 7 8 1 8 , r h b z # 1 0 6 2 1 4 2 , r h b z # 1 0 6 4 7 7 0 , r h b z # 1 0 7 2 6 5 3 , r h b z # 1 0 7 8 1 2 6 b r > r h b z # 1 0 9 5 6 3 6 , r h b z # 1 1 0 3 2 4 5 , r h b z # 1 1 1 9 2 1 5 , r h b z # 1 1 2 1 8 3 7 , r h b z # 1 1 2 1 9 5 5 b r > r h b z # 1 1 2 2 4 5 5 , r h b z # 1 1 2 6 3 2 9 , r h b z # 1 1 2 6 7 2 1 , r h b z # 1 1 2 6 9 0 9 , r h b z # 1 1 2 8 0 9 7 b r > r h b z # 1 1 2 8 7 5 1 , r h b z # 1 1 2 9 2 0 7 , r h b z # 1 1 2 9 3 7 2 , r h b z # 1 1 2 9 9 9 8 , r h b z # 1 1 3 0 0 8 9 b r > r h b z # 1 1 3 0 3 7 9 , r h b z # 1 1 3 1 3 0 6 , r h b z # 1 1 3 1 4 4 5 , r h b z # 1 1 3 1 7 8 8 , r h b z # 1 1 3 1 8 1 1 b r > r h b z # 1 1 3 1 8 1 9 , r h b z # 1 1 3 1 8 7 6 , r h b z # 1 1 3 2 3 0 1 , r h b z # 1 1 3 2 3 0 5 , r h b z # 1 1 3 2 3 4 7 b r > b r > [ 1 . 2 . 7 - 1 ] b r > - R e b a s e d t o l i b v i r t - 1 . 2 . 7 ( r h b z # 1 0 3 5 1 5 8 ) b r > - T h e r e b a s e a l s o f i x e s t h e f o l l o w i n g b u g s : b r > r h b z # 8 2 3 5 3 5 , r h b z # 8 7 2 6 2 8 , r h b z # 8 7 4 4 1 8 , r h b z # 8 7 8 3 9 4 , r h b z # 8 8 0 4 8 3 b r > r h b z # 9 2 1 0 9 4 , r h b z # 9 6 3 8 1 7 , r h b z # 9 6 4 1 7 7 , r h b z # 9 6 7 4 9 3 , r h b z # 9 6 7 4 9 4 b r > r h b z # 9 7 2 9 6 4 , r h b z # 9 8 3 3 5 0 , r h b z # 9 8 5 7 8 2 , r h b z # 9 8 5 9 8 0 , r h b z # 9 9 0 3 1 9 b r > r h b z # 9 9 0 4 1 8 , r h b z # 9 9 1 2 9 0 , r h b z # 9 9 2 9 8 0 , r h b z # 9 9 4 7 3 1 , r h b z # 9 9 5 3 7 7 b r > r h b z # 9 9 7 6 2 7 , r h b z # 9 9 7 8 0 2 , r h b z # 1 0 0 6 7 0 0 , r h b z # 1 0 0 7 6 9 8 , r h b z # 1 0 0 7 7 5 9 b r > r h b z # 1 0 1 0 8 8 5 , r h b z # 1 0 2 2 8 7 4 , r h b z # 1 0 2 3 3 6 6 , r h b z # 1 0 2 5 4 0 7 , r h b z # 1 0 2 7 0 7 6 b r > r h b z # 1 0 2 9 2 6 6 , r h b z # 1 0 2 9 7 3 2 , r h b z # 1 0 3 2 3 6 3 , r h b z # 1 0 3 3 0 2 0 , r h b z # 1 0 3 3 3 9 8 b r > r h b z # 1 0 3 3 7 0 4 , r h b z # 1 0 3 5 1 2 8 , r h b z # 1 0 4 6 1 9 2 , r h b z # 1 0 4 9 0 3 8 , r h b z # 1 0 5 2 1 1 4 b r > r h b z # 1 0 5 6 9 0 2 , r h b z # 1 0 6 2 1 4 2 , r h b z # 1 0 6 3 8 3 7 , r h b z # 1 0 6 6 2 8 0 , r h b z # 1 0 6 6 8 9 4 b r > r h b z # 1 0 6 7 3 3 8 , r h b z # 1 0 6 9 5 5 2 , r h b z # 1 0 6 9 7 8 4 , r h b z # 1 0 7 0 6 8 0 , r h b z # 1 0 7 2 1 4 1 b r > r h b z # 1 0 7 2 6 7 7 , r h b z # 1 0 7 3 3 6 8 , r h b z # 1 0 7 3 5 0 6 , r h b z # 1 0 7 4 0 8 6 , r h b z # 1 0 7 5 2 9 0 b r > r h b z # 1 0 7 5 2 9 9 , r h b z # 1 0 7 6 9 5 7 , r h b z # 1 0 7 6 9 5 9 , r h b z # 1 0 7 6 9 6 0 , r h b z # 1 0 7 6 9 6 2 b r > r h b z # 1 0 7 7 0 0 9 , r h b z # 1 0 7 7 5 7 2 , r h b z # 1 0 7 8 5 9 0 , r h b z # 1 0 7 9 1 6 2 , r h b z # 1 0 7 9 1 7 3 b r > r h b z # 1 0 8 0 8 5 9 , r h b z # 1 0 8 1 8 8 1 , r h b z # 1 0 8 1 9 3 2 , r h b z # 1 0 8 2 1 2 4 , r h b z # 1 0 8 3 3 4 5 b r > r h b z # 1 0 8 4 3 6 0 , r h b z # 1 0 8 5 7 0 6 , r h b z # 1 0 8 5 7 6 9 , r h b z # 1 0 8 6 1 2 1 , r h b z # 1 0 8 6 3 3 1 b r > r h b z # 1 0 8 6 7 0 4 , r h b z # 1 0 8 7 1 0 4 , r h b z # 1 0 8 7 6 7 1 , r h b z # 1 0 8 8 2 9 3 , r h b z # 1 0 8 8 6 6 7 b r > r h b z # 1 0 8 8 7 8 7 , r h b z # 1 0 8 8 8 6 4 , r h b z # 1 0 8 9 1 7 9 , r h b z # 1 0 8 9 3 7 8 , r h b z # 1 0 9 1 1 3 2 b r > r h b z # 1 0 9 1 8 6 6 , r h b z # 1 0 9 2 0 3 8 , r h b z # 1 0 9 2 2 5 3 , r h b z # 1 0 9 3 1 2 7 , r h b z # 1 0 9 5 0 3 5 b r > r h b z # 1 0 9 7 0 2 8 , r h b z # 1 0 9 7 5 0 3 , r h b z # 1 0 9 7 6 7 7 , r h b z # 1 0 9 7 9 6 8 , r h b z # 1 0 9 8 6 5 9 b r > r h b z # 1 0 9 9 9 7 8 , r h b z # 1 1 0 0 0 8 6 , r h b z # 1 1 0 0 7 6 9 , r h b z # 1 1 0 1 0 5 9 , r h b z # 1 1 0 1 5 1 0 b r > r h b z # 1 1 0 1 9 8 7 , r h b z # 1 1 0 1 9 9 9 , r h b z # 1 1 0 2 4 2 6 , r h b z # 1 1 0 2 4 5 7 , r h b z # 1 1 0 2 6 1 1 b r > r h b z # 1 1 0 4 9 9 2 , r h b z # 1 1 0 4 9 9 3 , r h b z # 1 1 0 5 9 3 9 , r h b z # 1 1 0 8 5 9 3 , r h b z # 1 1 1 0 1 9 8 b r > r h b z # 1 1 1 0 2 1 2 , r h b z # 1 1 1 0 6 7 3 , r h b z # 1 1 1 1 0 4 4 , r h b z # 1 1 1 2 9 3 9 , r h b z # 1 1 1 3 3 3 2 b r > r h b z # 1 1 1 3 6 6 8 , r h b z # 1 1 1 3 7 5 1 , r h b z # 1 1 1 3 8 6 8 , r h b z # 1 1 1 8 7 1 0 , r h b z # 1 1 1 9 2 0 6 b r > r h b z # 1 1 1 9 3 8 7 , r h b z # 1 1 1 9 5 9 2 , r h b z # 1 1 2 0 4 7 4 , r h b z # 1 1 2 2 2 5 5 , r h b z # 1 1 2 2 9 7 3 b r > - s p e c : E n a b l e q e m u d r i v e r f o r R H E L - 7 o n p p c 6 4 ( r h b z # 1 1 2 0 4 7 4 ) b r > b r > [ 1 . 2 . 6 - 1 ] b r > - R e b a s e d t o l i b v i r t - 1 . 2 . 6 ( r h b z # 1 0 3 5 1 5 8 ) / p > \n \n \n b r > h 2 > R e l a t e d C V E s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 8 1 3 6 . h t m l \" > C V E - 2 0 1 4 - 8 1 3 6 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 5 - 0 2 3 6 . h t m l \" > C V E - 2 0 1 5 - 0 2 3 6 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n b r > h 2 > U p d a t e d P a c k a g e s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r s t y l e = \" c o l o r : # F F 0 0 0 0 ; \" > t d > b > R e l e a s e / A r c h i t e c t u r e / b > t d > b > F i l e n a m e / b > / t d > t d > b > M D 5 s u m / b > / t d > t d > b > S u p e r s e d e d B y A d v i s o r y / b > / t d > / t r > \n t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 7 ( x 8 6 _ 6 4 ) / t d > t d > l i b v i r t - 1 . 2 . 8 - 1 6 . 0 . 1 . e l 7 . s r c . r p m / t d > t d > f 7 6 1 f 5 9 6 7 e 4 a 7 c 0 8 b a b c 7 4 f 1 b 2 c 5 1 6 2 8 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 2 3 3 4 . h t m l \" > E L B A - 2 0 1 7 - 2 3 3 4 / a > / t d > / t r > t r > t d > / t d > t d > l i b v i r t - 1 . 2 . 8 - 1 6 . 0 . 1 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 0 4 9 8 9 f 5 b 4 c 1 b d 3 4 c 4 1 f 5 b 3 1 6 a 5 3 d 6 b 8 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 2 3 3 4 . h t m l \" > E L B A - 2 0 1 7 - 2 3 3 4 / a > / t d > / t r > t r > t d > / t d > t d > l i b v i r t - c l i e n t - 1 . 2 . 8 - 1 6 . 0 . 1 . e l 7 . i 6 8 6 . r p m / t d > t d > 2 8 0 f 0 a 6 9 b 3 c 1 f 4 e 3 9 3 7 b 0 9 8 7 b d 9 0 1 8 f 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 2 3 3 4 . h t m l \" > E L B A - 2 0 1 7 - 2 3 3 4 / a > / t d > / t r > t r > t d > / t d > t d > l i b v i r t - c l i e n t - 1 . 2 . 8 - 1 6 . 0 . 1 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 1 e f a 2 b 1 3 8 e c 7 3 a a 6 5 a e 4 6 0 6 d 5 5 7 d a 9 4 d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 2 3 3 4 . h t m l \" > E L B A - 2 0 1 7 - 2 3 3 4 / a > / t d > / t r > t r > t d > / t d > t d > l i b v i r t - d a e m o n - 1 . 2 . 8 - 1 6 . 0 . 1 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 3 e 6 6 6 6 1 5 a 6 f f 4 8 9 b e 6 3 3 8 2 d f e 8 b a 4 4 8 1 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 2 3 3 4 . h t m l \" > E L B A - 2 0 1 7 - 2 3 3 4 / a > / t d > / t r > t r > t d > / t d > t d > l i b v i r t - d a e m o n - c o n f i g - n e t w o r k - 1 . 2 . 8 - 1 6 . 0 . 1 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 8 5 e 1 2 c e 9 a 4 e 0 e c c 4 f 7 0 9 b b 5 b 0 9 e a a a c 4 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 2 3 3 4 . h t m l \" > E L B A - 2 0 1 7 - 2 3 3 4 / a > / t d > / t r > t r > t d > / t d > t d > l i b v i r t - d a e m o n - c o n f i g - n w f i l t e r - 1 . 2 . 8 - 1 6 . 0 . 1 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 9 5 4 1 3 7 4 f 0 b 7 7 3 0 c 7 c 8 b f 6 5 5 b a 5 e f a 6 5 f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 2 3 3 4 . h t m l \" > E L B A - 2 0 1 7 - 2 3 3 4 / a > / t d > / t r > t r > t d > / t d > t d > l i b v i r t - d a e m o n - d r i v e r - i n t e r f a c e - 1 . 2 . 8 - 1 6 . 0 . 1 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > f f 4 d a 6 0 0 f f 2 e 2 5 9 c 0 1 c 0 9 0 5 f a 2 5 5 b 6 8 b / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 2 3 3 4 . h t m l \" > E L B A - 2 0 1 7 - 2 3 3 4 / a > / t d > / t r > t r > t d > / t d > t d > l i b v i r t - d a e m o n - d r i v e r - l x c - 1 . 2 . 8 - 1 6 . 0 . 1 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 2 4 5 e c 9 3 d 5 5 4 1 b 5 9 b b a c 5 0 3 9 4 6 6 6 0 f 2 3 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 2 3 3 4 . h t m l \" > E L B A - 2 0 1 7 - 2 3 3 4 / a > / t d > / t r > t r > t d > / t d > t d > l i b v i r t - d a e m o n - d r i v e r - n e t w o r k - 1 . 2 . 8 - 1 6 . 0 . 1 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > f 4 f c 2 8 5 9 e 6 3 8 0 7 c b d 8 5 8 e 4 d 2 7 3 d 0 6 0 a 0 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 2 3 3 4 . h t m l \" > E L B A - 2 0 1 7 - 2 3 3 4 / a > / t d > / t r > t r > t d > / t d > t d > l i b v i r t - d a e m o n - d r i v e r - n o d e d e v - 1 . 2 . 8 - 1 6 . 0 . 1 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 3 b 3 d 7 a 4 f c b 7 c c 3 2 e 1 0 c 2 2 2 b 5 8 9 4 0 d 4 c 5 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 2 3 3 4 . h t m l \" > E L B A - 2 0 1 7 - 2 3 3 4 / a > / t d > / t r > t r > t d > / t d > t d > l i b v i r t - d a e m o n - d r i v e r - n w f i l t e r - 1 . 2 . 8 - 1 6 . 0 . 1 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 1 6 5 3 e e b f 2 9 2 b 8 a f 9 0 3 f 8 3 a 2 8 7 f 8 0 8 e 5 5 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 2 3 3 4 . h t m l \" > E L B A - 2 0 1 7 - 2 3 3 4 / a > / t d > / t r > t r > t d > / t d > t d > l i b v i r t - d a e m o n - d r i v e r - q e m u - 1 . 2 . 8 - 1 6 . 0 . 1 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 0 3 e 7 6 5 c d 0 b 1 a 4 1 f 8 1 5 9 5 b 6 5 b d b 4 4 2 f 6 b / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 2 3 3 4 . h t m l \" > E L B A - 2 0 1 7 - 2 3 3 4 / a > / t d > / t r > t r > t d > / t d > t d > l i b v i r t - d a e m o n - d r i v e r - s e c r e t - 1 . 2 . 8 - 1 6 . 0 . 1 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 8 3 f c a 0 c f e 8 4 6 2 b 0 6 2 1 5 c 9 0 5 f d b f 2 8 b 7 f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 2 3 3 4 . h t m l \" > E L B A - 2 0 1 7 - 2 3 3 4 / a > / t d > / t r > t r > t d > / t d > t d > l i b v i r t - d a e m o n - d r i v e r - s t o r a g e - 1 . 2 . 8 - 1 6 . 0 . 1 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > a 7 f a 2 7 f 1 7 8 2 4 f 4 b 9 9 a 7 7 a 5 f c 1 a c 5 2 d 0 d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 2 3 3 4 . h t m l \" > E L B A - 2 0 1 7 - 2 3 3 4 / a > / t d > / t r > t r > t d > / t d > t d > l i b v i r t - d a e m o n - k v m - 1 . 2 . 8 - 1 6 . 0 . 1 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 0 c c 1 3 9 2 e d 7 1 e 8 7 1 f f 8 1 3 9 1 6 b 8 9 e d 5 6 e d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 2 3 3 4 . h t m l \" > E L B A - 2 0 1 7 - 2 3 3 4 / a > / t d > / t r > t r > t d > / t d > t d > l i b v i r t - d a e m o n - l x c - 1 . 2 . 8 - 1 6 . 0 . 1 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 3 6 3 3 c 2 a 2 c 2 c 7 9 6 b 3 6 0 5 f e 4 e 9 1 d f 0 c 9 1 0 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 2 3 3 4 . h t m l \" > E L B A - 2 0 1 7 - 2 3 3 4 / a > / t d > / t r > t r > t d > / t d > t d > l i b v i r t - d e v e l - 1 . 2 . 8 - 1 6 . 0 . 1 . e l 7 . i 6 8 6 . r p m / t d > t d > 2 e f 5 5 9 a 5 1 e d 2 8 f c b b b 9 a 8 b b 0 7 6 b 3 1 e 7 0 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 2 3 3 4 . h t m l \" > E L B A - 2 0 1 7 - 2 3 3 4 / a > / t d > / t r > t r > t d > / t d > t d > l i b v i r t - d e v e l - 1 . 2 . 8 - 1 6 . 0 . 1 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 9 5 8 e 6 1 a c 1 d 3 7 9 a a 8 1 c b 8 3 2 e 5 c f e 4 e a 2 2 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 2 3 3 4 . h t m l \" > E L B A - 2 0 1 7 - 2 3 3 4 / a > / t d > / t r > t r > t d > / t d > t d > l i b v i r t - d o c s - 1 . 2 . 8 - 1 6 . 0 . 1 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > c a d 6 e c f c 5 7 2 8 0 0 e f d b 0 b f 0 c 1 9 1 9 7 b 0 4 2 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 2 3 3 4 . h t m l \" > E L B A - 2 0 1 7 - 2 3 3 4 / a > / t d > / t r > t r > t d > / t d > t d > l i b v i r t - l o c k - s a n l o c k - 1 . 2 . 8 - 1 6 . 0 . 1 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > f 8 c 0 f 0 3 5 5 3 4 3 b d f 8 a 6 4 b d 0 d 7 d b f a 1 3 d 2 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 2 3 3 4 . h t m l \" > E L B A - 2 0 1 7 - 2 3 3 4 / a > / t d > / t r > t r > t d > / t d > t d > l i b v i r t - l o g i n - s h e l l - 1 . 2 . 8 - 1 6 . 0 . 1 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 6 0 6 7 2 4 1 9 0 8 9 b 6 4 0 a 4 9 3 e c e b 4 7 4 b f d 2 a e / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 2 3 3 4 . h t m l \" > E L B A - 2 0 1 7 - 2 3 3 4 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n \n b r > b r > \n b r > p > \n T h i s p a g e i s g e n e r a t e d a u t o m a t i c a l l y a n d h a s n o t b e e n c h e c k e d f o r e r r o r s o r o m i s s i o n s . F o r c l a r i f i c a t i o n \n o r c o r r e c t i o n s p l e a s e c o n t a c t t h e a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / \" > O r a c l e L i n u x U L N t e a m / a > / p > \n \n \n \n / d i v > \n ! - - \n / d i v > \n - - > \n / d i v > \n / d i v > \n \n \n d i v i d = \" m c 1 6 \" c l a s s = \" m c 1 6 v 0 \" > \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > T e c h n i c a l i n f o r m a t i o n / h 2 > \n u l > \n l i > a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / h a r d w a r e - c e r t i f i c a t i o n s \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x C e r t i f i e d H a r d w a r e / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / l i b r a r y / e l s p - l i f e t i m e - 0 6 9 3 3 8 . p d f \" > O r a c l e L i n u x S u p p o r t e d R e l e a s e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > O r a c l e L i n u x S u p p o r t / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / t e c h n o l o g i e s / l i n u x / O r a c l e L i n u x S u p p o r t / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x S u p p o r t / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / p r e m i e r / s e r v e r s - s t o r a g e / o v e r v i e w / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e P r e m i e r S u p p o r t f o r S y s t e m s / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / a d v a n c e d - c u s t o m e r - s e r v i c e s / o v e r v i e w / \" > A d v a n c e d C u s t o m e r S e r v i c e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 2 \" > \n h 2 > C o n n e c t / h 2 > \n u l > \n l i c l a s s = \" f b i c o n \" > a h r e f = \" h t t p : / / w w w . f a c e b o o k . c o m / o r a c l e l i n u x \" t i t l e = \" F a c e b o o k \" n a m e = \" F a c e b o o k \" t a r g e t = \" _ b l a n k \" i d = \" F a c e b o o k \" > F a c e b o o k / a > / l i > \n l i c l a s s = \" t w i c o n \" > a h r e f = \" h t t p : / / w w w . t w i t t e r . c o m / O r a c l e L i n u x \" t i t l e = \" T w i t t e r \" n a m e = \" T w i t t e r \" t a r g e t = \" _ b l a n k \" i d = \" T w i t t e r \" > T w i t t e r / a > / l i > \n l i c l a s s = \" i n i c o n \" > a h r e f = \" h t t p : / / w w w . l i n k e d i n . c o m / g r o u p s ? g i d = 1 2 0 2 3 8 \" t i t l e = \" L i n k e d I n \" n a m e = \" L i n k e d I n \" t a r g e t = \" _ b l a n k \" i d = \" L i n k e d I n \" > L i n k e d I n / a > / l i > \n l i c l a s s = \" y t i c o n \" > a h r e f = \" h t t p : / / w w w . y o u t u b e . c o m / o r a c l e l i n u x c h a n n e l \" t i t l e = \" Y o u T u b e \" n a m e = \" Y o u T u b e \" t a r g e t = \" _ b l a n k \" i d = \" Y o u T u b e \" > Y o u T u b e / a > / l i > \n l i c l a s s = \" b l o g i c o n \" > a h r e f = \" h t t p : / / b l o g s . o r a c l e . c o m / l i n u x \" t i t l e = \" B l o g \" n a m e = \" B l o g \" > B l o g / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 3 \" > \n h 2 > C o n t a c t U s / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / c o r p o r a t e / c o n t a c t / g l o b a l - 0 7 0 5 1 1 . h t m l \" > G l o b a l c o n t a c t s / a > / l i > \n l i > O r a c l e 1 - 8 0 0 - 6 3 3 - 0 6 9 1 / l i > \n / u l > \n / d i v > \n / d i v > \n / d i v > \n \n d i v i d = \" m c 0 4 \" c l a s s = \" m c 0 4 v 1 \" > \n d i v c l a s s = \" m c 0 4 w 1 \" > \n a h r e f = \" h t t p : / / o r a c l e . c o m \" > i m g s r c = \" / / w w w . o r a c l e i m g . c o m / a s s e t s / m c 0 4 - f o o t e r - l o g o . p n g \" b o r d e r = \" 0 \" a l t = \" s o f t w a r e . h a r d w a r e . c o m p l e t e \" / > / a > \n / d i v > \n \n d i v c l a s s = \" m c 0 4 w 2 \" > \n a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / s u b s c r i b e / i n d e x . h t m l \" > S u b s c r i b e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / e m p l o y m e n t / i n d e x . h t m l \" > C a r e e r s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / c o n t a c t / i n d e x . h t m l \" > C o n t a c t U s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / c o p y r i g h t . h t m l \" > L e g a l N o t i c e s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / t e r m s . h t m l \" > T e r m s o f U s e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / p r i v a c y . h t m l \" > Y o u r P r i v a c y R i g h t s / a > \n / d i v > \n / d i v > \n / d i v > \n / b o d y > \n / h t m l > \n ", "edition": 4, "reporter": "Oracle", "published": "2015-03-11T00:00:00", "title": "libvirt security, bug fix, and enhancement update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-8136", "CVE-2014-7823", "CVE-2014-3657", "CVE-2014-3633", "CVE-2014-8131", "CVE-2015-0236"], "modified": "2015-03-11T00:00:00", "id": "ELSA-2015-0323", "href": "http://linux.oracle.com/errata/ELSA-2015-0323.html", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}]}